检测

插件

Nessus 的 CGI abuses 系列

ID	名称	严重性
266024	GitLab 11.10 < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-8014)	high
265988	GitLab 17.2 < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-11042)	medium
265987	GitLab 14.10 < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-9642)	high
265982	GitLab 18.1 < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-10867)	low
265981	GitLab 16.6 < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-7691)	medium
265961	GitLab 17.4 < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-10868)	low
265960	GitLab 17.10 < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-5069)	low
265959	GitLab 16.6 < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-10871)	low
265958	GitLab 14.10 < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-9958)	medium
265957	GitLab < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-10858)	high
265948	Dell Data Domain OS 命令注入 (DSA-2025-159)	high
265946	Fortra GoAnywhere Managed File Transfer (MFT) < 7.8.1 中断访问控制 (fi-2025-009)	medium
265889	Apache Solr < 9.8.0 通过 <lib> 注入导致的 ConfigSet 权限升级 (CVE-2025-24814)	medium
265789	Dotnetnuke < 10.1.0 使用后端管理员凭据存储的 XSS (CVE-2025-59546)	low
265757	Dotnetnuke < 10.1.0 Prompt 模块中的存储跨站脚本 (XSS) (CVE-2025-59545)	critical
265756	Dotnetnuke < 10.1.0 使用 url 进行配置文件的反射型跨站脚本 (XSS) (CVE-2025-59821)	medium
265752	Dotnetnuke < 10.1.0 通过查询参数在匿名客户端上加载未使用的主题 (CVE-2025-59535)	medium
265721	Dotnetnuke < 10.1.0 Prompt 模块中的存储跨站脚本 (XSS) (GHSA-2qxc-mf4x-wr29)	high
265720	Dotnetnuke < 10.1.0 使用后端管理员凭据存储的 XSS (GHSA-gj8m-5492-q98h)	high
265718	Dotnetnuke < 10.1.0 使用 url 进行配置文件的反射型跨站脚本 (XSS) (GHSA-jc4g-c8ww-5738)	high
265441	Atlassian Confluence 2.0 < 8.5.24 / 8.6.x < 9.2.6 / 9.3.x < 9.5.2 / 10.0.x < 10.0.3 RCE (CONFSERVER-100795)	high
265438	Fortra GoAnywhere Managed File Transfer (MFT) < 7.6.3 / 7.7.x < 7.8.4 反序列化 (CVE-2025-10035)	critical
265328	Openfire < 5.0.2 / 5.1.0 身份欺骗	medium
265325	Jenkins LTS < 2.516.3 / Jenkins weekly < 2.528 多个漏洞	high
264901	Mattermost Server 10.5.x < 10.5.9 / 10.8.x < 10.8.4 / 10.9.x < 10.9.4 / 10.10.x < 10.10.1 / 10.11.0 路径遍历 (MMSA-2025-00501)	medium
264900	Mattermost Server 9.11.x < 9.11.18 / 10.5.x < 10.5.9 / 10.8.x < 10.8.4 / 10.9.x < 10.9.4 / 10.10.x < 10.10.1 / 10.11.0 不当验证 (MMSA-2025-00506)	medium
264899	Mattermost Server 9.11.x < 9.11.18 / 10.5.x < 10.5.9 / 10.8.x < 10.8.4 / 10.9.x < 10.9.3 / 10.10.0 多种漏洞（MMSA-2025-00498、 MMSA-2025-00499）	medium
264626	Mattermost 服务器 9.11.x < 9.11.18 / 10.5.x < 10.5.9 / 10.8.x < 10.8.4 / 10.9.x < 10.9.3 / 10.10.x < 10.10.1 / 10.11.0 不受限制的文件上传 (MMSA-2025-00505)	medium
264625	Mattermost Server 10.5.x < 10.5.9 / 10.10.0 错误授权 (MMSA-2025-00470)	medium
264624	Mattermost Server 9.11.x < 9.11.18 / 10.5.x < 10.5.9 / 10.10.0 错误授权 (MMSA-2025-00485)	low
264600	GitLab 10.7 < 18.1.6 / 18.2 < 18.2.6 / 18.3 < 18.3.2 (CVE-2025-10094)	medium
264599	GitLab 7.8 < 18.1.6 / 18.2 < 18.2.6 / 18.3 < 18.3.2 (CVE-2025-7337)	medium
264598	GitLab 15.1 < 18.1.6 / 18.2 < 18.2.6 / 18.3 < 18.3.2 (CVE-2025-6769)	medium
264597	GitLab 15.0 < 18.1.6 / 18.2 < 18.2.6 / 18.3 < 18.3.2 (CVE-2025-1250)	medium
264596	GitLab 7.12 < 18.1.6 / 18.2 < 18.2.6 / 18.3 < 18.3.2 (CVE-2025-2256)	high
264595	GitLab 16.11 < 18.1.6 / 18.2 < 18.2.6 / 18.3 < 18.3.2 (CVE-2025-6454)	high
261788	TYPO3 9.0.0 < 9.5.55 ELTS / 10.0.0 < 10.4.54 ELTS / 11.0.0 < 11.5.48 ELTS / 12.0.0 < 12.4.37 / 13.0.0 < 13.4.18 (TYPO3-CORE-SA-2025-020)	medium
261786	TYPO3 11.0.0 < 11.5.48 ELTS / 12.0.0 < 12.4.37 / 13.0.0 < 13.4.18 (TYPO3-CORE-SA-2025-018)	medium
261784	TYPO3 11.0.0 < 11.5.48 ELTS / 12.0.0 < 12.4.37 / 13.0.0 < 13.4.18 (TYPO3-CORE-SA-2025-023)	medium
261780	TYPO3 9.0.0 < 9.5.55 ELTS / 10.0.0 < 10.4.54 ELTS / 11.0.0 < 11.5.48 ELTS / 12.0.0 < 12.4.37 / 13.0.0 < 13.4.18 (TYPO3-CORE-SA-2025-022)	high
261779	TYPO3 12.0.0 < 12.4.37 / 13.0.0 < 13.4.18 (TYPO3-CORE-SA-2025-019)	medium
261778	TYPO3 9.0.0 < 9.5.55 ELTS / 10.0.0 < 10.4.54 ELTS / 11.0.0 < 11.5.48 ELTS / 12.0.0 < 12.4.37 / 13.0.0 < 13.4.18 (TYPO3-CORE-SA-2025-021)	medium
261777	TYPO3 9.0.0 < 9.5.55 ELTS / 10.0.0 < 10.4.54 ELTS / 11.0.0 < 11.5.48 ELTS / 12.0.0 < 12.4.37 / 13.0.0 < 13.4.18 (TYPO3-CORE-SA-2025-017)	medium
261775	配置数据库 0.41.x < 0.41.7 / 0.42.x < 0.42.4 / 1.41.x < 1.41.7 / 1.42.x 1.42.4	high
261774	配置数据库 0.41.x < 0.41.9 / 0.42.x < 0.42.6 / 0.43.x < 0.43.7 ] / 0.44.x < 0.44.5 / 1.41.x < 1.41.9 / 1.42.x < 1.42.6 / 1.43.x < 1.43.7 / 1.44.x 1.44.5	medium
261773	配置数据库 0.43.x < 0.43.7.1 / 0.44.x < 0.44.6.1 / 0.45.x < 0.45.2.1 / 1.43.x < 1.43.7.1 / 1.44.x < 1.44.6.1 / 1.45.x 1.45.2.1	medium
261772	Metabase < 0.29.3 XSS	medium
261771	元数据库 0.44.5	medium
261770	Metabase 0.43.x < 0.43.7.3 / 0.44.x < 0.44.7.3 /0.45.x < 0.45.4.3 / 0.46.x < 0.46.6.4 / 1.43.x < 1.43.7.3 / 1.44.x < 1.44.7.3 / 1.45.x < 1.45.4.3 / 1.46.x < 1.46.6.4	critical
261769	配置数据库 0.42.x < 0.42.6 / 0.43.x < 0.43.7 / 0.44.x < 0.44.5 / 1.42.x < 1.42.6 / 1.43.x < 1.43.7 / 1.44.x 1.44.5	medium

检测

Nessus 的 CGI abuses 系列

high

medium

high

low

medium

low

low

low

medium

high

high

medium

medium

low

critical

medium

medium

high

high

high

high

critical

medium

high

medium

medium

medium

medium

medium

low

medium

medium

medium

medium

high

high

medium

medium

medium

high

medium

medium

medium

high

medium

medium

medium

medium

critical

medium