Updated by Github Bot

EXP-Tools · Jan 28, 2025 · 44c9093 · 44c9093
1 parent 7f7e0af
commit 44c9093
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 25 deletions.
diff --git a/cache/Tenable (Nessus).dat b/cache/Tenable (Nessus).dat
@@ -129,3 +129,6 @@ dffe4fa2b7709d60703890ca848c48c0
 0c6411dabc3e7799ca7b24bd9408650d
 6f07134437130cd8f100b038a1811ee6
 1cf21763e7f8f94e271cffc855277062
+a0530c4d6b854ffa6c517a084fa1783a
+f1b1405a34dfd8ca3b58cf2faefc5e66
+9ba585da1caf9eed676352ebed3d1c90
diff --git a/data/cves.db b/data/cves.db
diff --git a/docs/index.html b/docs/index.html
@@ -1,4 +1,4 @@
-<!-- RELEASE TIME : 2025-01-28 06:31:37 -->
+<!-- RELEASE TIME : 2025-01-28 09:24:34 -->
 <html lang="zh-cn">
 
  <head>
@@ -283,6 +283,30 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <th width="43%">TITLE</th>
        <th width="5%">URL</th>
       </tr>
+      <tr>
+       <td>a0530c4d6b854ffa6c517a084fa1783a</td>
+       <td>CVE-2025-24810</td>
+       <td>2025-01-28 05:15:11 <img src="imgs/new.gif" /></td>
+       <td>Cross-site scripting vulnerability exists in Simple Image Sizes 3.2.3 and earlier. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is logging in to the product with the administrative privilege and accessing the settings screen.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2025-24810">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>f1b1405a34dfd8ca3b58cf2faefc5e66</td>
+       <td>CVE-2025-23084</td>
+       <td>2025-01-28 05:15:11 <img src="imgs/new.gif" /></td>
+       <td>A vulnerability has been identified in Node.js, specifically affecting the handling of drive names in the Windows environment. Certain Node.js functions do not treat drive names as special on Windows. As a result, although Node.js assumes a relative path, it actually refers to the root directory. On Windows, a path that does not start with the file separator is treated as relative to the current directory. This vulnerability affects Windows users of `path.join` API.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2025-23084">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>9ba585da1caf9eed676352ebed3d1c90</td>
+       <td>CVE-2024-11135</td>
+       <td>2025-01-28 05:15:09 <img src="imgs/new.gif" /></td>
+       <td>The Eventer plugin for WordPress is vulnerable to SQL Injection via the 'event' parameter in the 'eventer_get_attendees' function in all versions up to, and including, 3.9.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-11135">详情</a></td>
+      </tr>
+
       <tr>
        <td>e70775c5400c56ec2696912397deb270</td>
        <td>CVE-2024-53881</td>
@@ -499,30 +523,6 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-39750">详情</a></td>
       </tr>
 
-      <tr>
-       <td>5467de14d5f481a9de234c5d94ceb211</td>
-       <td>CVE-2024-35134</td>
-       <td>2025-01-25 14:15:29</td>
-       <td>IBM Analytics Content Hub 2.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-35134">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>405bbd0c7df519085d4e3e71b13fbb50</td>
-       <td>CVE-2024-35114</td>
-       <td>2025-01-25 14:15:29</td>
-       <td>IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to enumerate usernames due to an observable discrepancy between login attempts.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-35114">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>3d1dbe68cc08b42a53b731db92cdb0da</td>
-       <td>CVE-2024-35113</td>
-       <td>2025-01-25 14:15:29</td>
-       <td>IBM Control Center 6.2.1 and 6.3.1 could allow an authenticated user to obtain sensitive information exposed through a directory listing.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-35113">详情</a></td>
-      </tr>
-
      </tbody>
     </table>
    </div>