尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
| 厂商 | 产品 | 影响版本 | CPE | 订阅 |
|---|---|---|---|---|
| Unknown | Ninja Forms Contact Form | 0 ~ 3.6.22 | - |
| # | POC 描述 | 源链接 | 神龙链接 |
|---|---|---|---|
| 1 | Ninja Forms before 3.6.22 is susceptible to cross-site scripting via the page parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-1835.yaml | POC详情 |
未找到公开 POC。
登录以生成 AI POC| CVE-2023-0763 | WordPress plugin Clock In Portal- Staff & Attendance Management 跨站请求伪造漏洞 | |
| CVE-2023-1207 | WordPress plugin HTTP Headers SQL注入漏洞 | |
| CVE-2023-1549 | WordPress plugin Ad Inserter 代码问题漏洞 | |
| CVE-2023-0600 | WordPress plugin WP Visitor Statistics (Real Time Traffic) SQL注入漏洞 | |
| CVE-2023-0762 | WordPress plugin Clock In Portal- Staff & Attendance Management 跨站请求伪造漏洞 | |
| CVE-2023-1915 | WordPress plugin Thumbnail carousel slider 跨站脚本漏洞 | |
| CVE-2023-0892 | WordPress plugin BizLibrary 跨站脚本漏洞 | |
| CVE-2023-2180 | WordPress plugin KIWIZ Invoices Certification & PDF System 安全漏洞 | |
| CVE-2023-2179 | WordPress plugin WooCommerce Order Status Change Notifier 安全漏洞 | |
| CVE-2023-1596 | WordPress plugin tagDiv Composer 跨站脚本漏洞 | |
| CVE-2023-0520 | WordPress plugin RapidExpCart 跨站脚本漏洞 | |
| CVE-2023-0233 | WordPress plugin ActiveCampaign 跨站脚本漏洞 | |
| CVE-2023-0812 | WordPress plugin Active Directory Integration / LDAP Integration 信息泄露漏洞 | |
| CVE-2023-0490 | WordPress plugin f(x) TOC 跨站脚本漏洞 | |
| CVE-2023-0644 | WordPress plugin Push Notifications for WordPress by PushAssist 跨站脚本漏洞 | |
| CVE-2023-1890 | WordPress plugin Tablesome 跨站脚本漏洞 | |
| CVE-2023-2009 | WordPress plugin URL field in the Pretty Url 跨站脚本漏洞 | |
| CVE-2023-1019 | WordPress plugin Help Desk WP 跨站脚本漏洞 | |
| CVE-2023-0761 | WordPress plugin Clock In Portal- Staff & Attendance Management 跨站请求伪造漏洞 | |
| CVE-2022-4774 | WordPress plugin Bit Form 代码问题漏洞 |
显示前 20 条,共 22 条。 查看全部 → →
暂无评论