检测

Nessus 的 CGI abuses 系列

ID名称严重性
170058GitLab 12.8 < 15.4.6 / 15.5 < 15.5.5 / 15.6 < 15.6.1 (CVE-2022-3478)
medium
169976PHP 8.2.x < 8.2.1
critical
169975GitLab 15.4 < 15.4.6 / 15.5 < 15.5.5 / 15.6 < 15.6.1 (CVE-2022-3820)
medium
169907HTMLawed < 1.2.9 命令注入 (CVE-2022-35914)
critical
169906Zyxel 命令注入漏洞 (CVE-2022-30525)(直接检查)
critical
169673EMC RSA Archer 6.0 < 6.9 SP3 P4 / 6.10 < 6.10 P2 远程代码执行
high
169631PHP 8.1.x < 8.1.14
critical
169630PHP 8.0.x < 8.0.27
critical
169605ManageEngine PAM360 < 5.8 Build 5801 SQLi
critical
169582IBM Cognos Analytics 多个漏洞 (6841801)
critical
169572ManageEngine Access Manager Plus < 4.3 Build 4309 SQLi
critical
169571ManageEngine Password Manager Pro < 12.2 Build 12210 SQLi
critical
169507Symantec Messaging Gateway < 10.8 XSS (21115)
medium
169457SolarWinds Web Help Desk <= 12.7.6 任意代码执行
medium
169427GitLab < 15.3.5 (CVE-2022-3265)
medium
169277SolarWinds Platform 2022.4.1
medium
168915Trend Micro Mobile Security for Enterprise 文件删除 (CVE-2022-40980)
critical
168914企业版 Trend Micro Mobile Security Web 控制台检测
info
168876VMware Workspace One Access / VMware Identity Manager 多个漏洞 (VMSA-2022-0032)
high
168664TYPO3 9.0.0 < 9.5.38 ELTS / 10.0.0 < 10.4.33 / 11.0.0 < 11.5.20 / 12.0.0 < 12.1.1 (TYPO3-CORE-SA-2022-016)
medium
168663TYPO3 9.0.0 < 9.5.38 ELTS / 10.0.0 < 10.4.33 / 11.0.0 < 11.5.20 (TYPO3-CORE-SA-2022-012)
high
168662TYPO3 8.0.0 < 8.7.49 ELTS / 9.0.0 < 9.5.38 ELTS / 10.0.0 < 10.4.33 / 11.0.0 < 11.5.20 / 12.0.0 < 12.1.1 (TYPO3-CORE-SA-2022-013)
medium
168661TYPO3 8.0.0 < 8.7.49 ELTS / 9.0.0 < 9.5.38 ELTS / 10.0.0 < 10.4.33 / 11.0.0 < 11.5.20 / 12.0.0 < 12.1.1 XSS (TYPO3-CORE-SA-2022-017)
medium
168660TYPO3 8.0.0 < 8.7.49 ELTS / 9.0.0 < 9.5.38 ELTS / 10.0.0 < 10.4.33 / 11.0.0 < 11.5.20 / 12.0.0 < 12.1.1 (TYPO3-CORE-SA-2022-015)
high
168659TYPO3 10.0.0 < 10.4.33 / 11.0.0 < 11.5.20 / 12.0.0 < 12.1.1 (TYPO3-CORE-SA-2022-014)
medium
168654Citrix ADC 和 Citrix Gateway RCE (CTX474995)
critical
168545WordPress 插件“AdRotate Banner Manager” < 5.9.1 XSRF
high
168500PHP 8.2.x < 8.2.0 多个漏洞
critical
168496Apache Solr 7.4.0 <= 7.7.3 / 8.0.0 <= 8.11.0 RCE
critical
168495Apache Solr < 8.11.1 信息泄露漏洞
critical
168478PrimeTek PrimeFaces 远程代码执行 (CVE-2017-1000486)
critical
168361ManageEngine ServiceDesk Plus < 14.0 Build 14001 多个漏洞
medium
168360ManageEngine AssetExplorer < 6.9 Build 6981 特权提升
medium
168359ManageEngine ServiceDesk Plus < 13.0 Build 13011 RCE
high
168358ManageEngine SupportCenter Plus < 11.0 Build 11026 多个漏洞
high
168357ManageEngine AssetExplorer 6.9 Build 6980 XXE
medium
168356ManageEngine ServiceDesk Plus MSP < 10.6 Build 10609 特权提升
medium
168355ManageEngine ServiceDesk Plus MSP < 13.0 Build 13000 RCE
high
168354ManageEngine SupportCenter Plus < 11.0 Build 11025 特权提升
medium
168353ManageEngine ServiceDesk Plus MSP < 13.0 Build 13001 XXE
medium
168352Mattermost Server < 7.4.0 DoS (MMSA-2022-00124)
medium
168351Mattermost Server < 7.1.4 / 7.2.x < 7.2.1 / 7.3.x < 7.3.1 DoS (MMSA-2022-00120)
medium
168350Mattermost Server < 7.1.4 / 7.2.x < 7.2.1 / 7.3.x < 7.3.1 DoS (MMSA-2022-00118)
medium
168325Atlassian Crowd 3.x / 4.x < 4.4.4 / 5.x < 5.0.3 安全绕过 (CWD-5888)
critical
168269Zimbra Collaboration Server 8.8.x < 8.8.15 Patch 35 / 9.0.0 < 9.0.0 Patch 28 多个漏洞
high
168019GitLab < 15.3.5 (CVE-2022-3818)
medium
167867WordPress 插件“Advanced Custom Fields”< 5.12.4, 6.x < 6.0.3 自定义字段值暴露
high
167634Jenkins Enterprise 和 Operations Center 2.346.x < 2.346.40.0.6 / 2.361.3.4 多个漏洞(CloudBees 安全公告 2022-11-15)
critical
167615VMware Workspace One Assist 多个漏洞 (VMSA-2022-0028)
critical
167509Dell EMC iDRAC9 < 6.00.30.00 (DSA-2022-265)
medium