Nessus 的 CGI abuses 系列

ID名称严重性
206798Atlassian Confluence < 7.19.26/7.20.x < 8.5.14/8.6.x < 9.0.1 (CONFSERVER-97720)
high
206714ManageEngine Endpoint Central < 11.3.2400.15、< 11.3.2406.08 错误授权漏洞
high
206450Atlassian Confluence < 7.19.26/7.20.x < 8.5.14/8.6.x < 8.9.5/9.0.1 (CONFSERVER-97657)
high
206393Apache OFBiz < 18.12.15 远程代码执行 (CVE-2024-38856)
critical
206317ManageEngine PAM360 < 7.0 Build 7001 SQLi
high
206316ManageEngine Password Manager Pro < 12.4 Build 12431 SQLi
high
206305Mattermost Server 9.5.x < 9.5.8 / 9.8.x < 9.8.3 / 9.9.x < 9.9.2 / 9.10.x < 9.10.1 多个漏洞 (MMSA-2024-00353/MMSA-2024-00357)
medium
206304Mattermost Server 9.10.x < 9.10.1 / 9.5.x < 9.5.8 (MMSA-2024-00352)
low
206274Magento XXE (CVE-2024-34102)
critical
206273SolarWinds Web Help Desk < 12.8.3 HF 2 HardCoded 凭据
critical
206271ManageEngine OpManager RCE (CVE-2024-5466)
high
206181ManageEngine SupportCenter Plus < 14.8 Build 14810
medium
206166Acronis Cyber Infrastructure 5.1.x < 5.1.1-71 / 5.2.x < 5.2.1-69 / 5.3.x < 5.3.1-53 / 5.4.x < 5.4.4-132 / < 5.0.1-61 (SEC-6452)
critical
206164WordPress 插件“LiteSpeed Cache”< 6.4 特权提升
critical
206151ManageEngine ServiceDesk Plus MSP < 14.8 Build 14810
medium
206120GitLab < 17.1.6 / 17.2 < 17.2.4 / 17.3 < 17.3.1 (CVE-2024-8041)
medium
206119GitLab 12.5 < 17.1.6/17.2 < 17.2.4/17.3 < 17.3.1 (CVE-2024-3127)
medium
206118GitLab 17.1 < 17.1.6/17.2 < 17.2.4/17.3 < 17.3.1 (CVE-2024-7110)
medium
206117GitLab 8.2 < 17.1.6/17.2 < 17.2.4/17.3 < 17.3.1 (CVE-2024-6502)
medium
206037Joomla 3.0.x < 3.10.17/4.0.x < 4.4.7/5.0.x < 5.1.3 多个漏洞 (5910-joomla-5-1-3-and-4-4-7-security-and-bug-fix-release)
critical
205871WordPress 插件“GiveWP - Donation Plugin and Fundraising Platform”< 3.14.2 RCE
critical
205618SolarWinds Web Help Desk < 12.8.3 HF 1 反序列化 RCE
critical
205602Dorsett Controls InfoScan < 1.38 多个漏洞(2024 年 7 月)
high
205597Kibana 7.7.x < 7.17.23 / 8.0.x < 8.14.2 (ESA-2024-22)
high
205446Ivanti Virtual Traffic Manager (vTM) 22.2 < 22.2R1 / 22.3 < 22.3R3 / 22.5 < 22.5R2 / 22.6 < 22.6R2 / 22.7 < 22.7R2 身份验证绕过 (CVE-2024-7593)
critical
205423Sunhillo SureLine < 8.7.0.1.1 未经身份验证的 OS 命令注入 (CVE-2021-36380)
critical
205389Atlassian Bitbucket < 8.9.13/8.19.2 开放重定向
low
205309Atlassian Confluence < 7.19.25/7.20.x < 8.5.12/8.6.x < 8.9.4 (CONFSERVER-96135)
low
205301Progress WhatsUp Gold 文件上传 RCE (CVE-2024-4884)
critical
205297Roundcube Webmail 1.5.x < 1.5.8/1.6.x < 1.6.8 多个漏洞
critical
205292Mattermost Server 9.0.x < 9.9.1/9.10.0/9.5.x < 9.5.7 (MMSA-2024-00356)
medium
205263Cisco Smart Software Manager On-Prem 密码更改漏洞 (CVE-2024-20419)
critical
205207GitLab 1 < 17.0.6 / 17.1 < 17.1.4 / 17.2 < 17.2.2 (CVE-2024-5423)
medium
205206GitLab 8.16 < 17.0.6/17.1 < 17.1.4/17.2 < 17.2.2 (CVE-2024-6329)
high
205205GitLab 8.12 < 17.0.6/17.1 < 17.1.4/17.2 < 17.2.2 (CVE-2024-3035)
high
205204GitLab 5.1 < 17.0.6/17.1 < 17.1.4/17.2 < 17.2.2 (CVE-2024-4207)
medium
205203GitLab 11.10 < 17.0.6/17.1 < 17.1.4/17.2 < 17.2.2 (CVE-2024-3114)
medium
205202GitLab 15.9 < 17.0.6/17.1 < 17.1.4/17.2 < 17.2.2 (CVE-2024-7610)
medium
205201GitLab 16.7 < 17.0.6/17.1 < 17.1.4/17.2 < 17.2.2 (CVE-2024-4784)
medium
205200GitLab < 17.0.6 / 17.1 < 17.1.4 / 17.2 < 17.2.2 (CVE-2024-3958)
medium
205199GitLab 13.9 < 17.0.6/17.1 < 17.1.4/17.2 < 17.2.2 (CVE-2024-7554)
medium
205198GitLab 12.6 < 17.0.6/17.1 < 17.1.4/17.2 < 17.2.2 (CVE-2024-4210)
medium
205197GitLab 11.3 < 17.0.6/17.1 < 17.1.4/17.2 < 17.2.2 (CVE-2024-2800)
high
205143Jenkins LTS < 2.452.4 / Jenkins weekly < 2.471 多个漏洞
high
205025GeoServer Jai-EXT RCE (CVE-2022-24816)
critical
204972OSGeo GeoServer RCE (CVE-2024-36401)
critical
204971OSGeo GeoTools RCE (CVE-2024-36404)
critical
204970ManageEngine OpManager SQLi (CVE-2024-6748)
high
204968WordPress < 6.6.1
high
204785Progress Telerik Report Server 不安全的反序列化 (CVE-2024-6327)
critical