检测

Nessus 的 CGI abuses 系列

ID名称严重性
146309SolarWinds Orion Platform < 2019.4.2 远程代码执行
critical
146103Atlassian JIRA < 8.5.10 / 8.6.x < 8.13.2 信息泄漏 (JRASERVER-72002)
medium
146091SonicWall Secure Mobile Access 远程代码执行 (SNWLID-2021-0001)
critical
146088SonicWall Secure Mobile Access (SMA) Web 检测
info
146087Apache ActiveMQ 5.x < 5.15.14 / 5.16.x < 5.16.1 多个漏洞
high
145569Oracle Primavera Unifier(2021 年 1 月 CPU)
critical
145538Oracle MySQL Enterprise Monitor 多个漏洞(2021 年 1 月 CPU)
high
145533Jenkins < 2.263.3 LTS / 2.276 TOCTOU
medium
145248Jenkins < 2.263.2 LTS / 2.275 多个漏洞
high
145245Oracle Primavera P6 Enterprise Project Portfolio Management(2021 年 1 月 CPU)
medium
145223Oracle Primavera Gateway(2021 年 1 月 CPU)
high
144980Joomla 3.0.x < 3.9.24 多个漏洞 (5830-joomla-3-9-24)
medium
144947PHP 7.3.x < 7.3.26 / 7.4.x < 7.4.14 / 8.x < 8.0.1 输入验证错误
medium
144793ManageEngine Applications Manager REST API SQLi
critical
144756Dell iDRAC XSS (DSA-2020-268)
medium
144649phpMyAdmin 4.9.0 < 4.9.6 / 5.0.0 < 5.0.3 多个漏洞(PMASA-2020-5、PMASA-2020-6)
critical
144646phpMyAdmin 4.9.0 < 4.9.5 / 5.0.0 < 5.0.2 多个漏洞(PMASA-2020-2、PMASA-2020-3、PMASA-2020-4)
high
144644phpMyAdmin 4.4.0 < 4.4.15.1 / 4.5.0 < 4.5.1 内容伪造漏洞 (PMASA-2015-5)
medium
144641phpMyAdmin 4.0.0 < 4.0.10.12 / 4.4.0 < 4.4.15.2 / 4.5.0 < 4.5.3.1 信息泄露漏洞 (PMASA-2015-6)
medium
144622SolarWinds Orion Platform < 2019.4 HF6 / 2020.2 < 2020.2.1 HF2 身份验证绕过 (SUPERNOVA)
critical
144366SolarWinds Orion Platform < 2020.2.1 XSS
critical
144365Apache Struts 2.x < 2.5.26 RCE (S2-061)(直接检查)
critical
144198SolarWinds Orion Platform 2019.4 HF5 / 2020.2.x < 2020.2.1 SUNBURST 恶意软件后门
high
143600ManageEngine ServiceDesk Plus < 10.0 Build 10012 任意文件上传
medium
143574VMware Workspace One Access / VMware Identity Manager 命令注入漏洞 (VMSA-2020-0027)
critical
143532phpMyAdmin 4.0.x < 4.0.10.18 / 4.4.x < 4.4.15.9 / 4.6.x < 4.6.5 多个漏洞
critical
143489phpMyAdmin 4.0.x < 4.0.10.15 / 4.4.x < 4.4.15.5 / 4.5.x < 4.5.5.1 多个漏洞
medium
143449PHP 7.3.x < 7.3.25 / 7.4.x < 7.4.13 多个漏洞
medium
143422EMC RSA Archer 6.8 < 6.8.0.4 / 6.9 < 6.9.0.1 URL 注入
medium
143380Joomla 1.7.x < 3.9.23 多个漏洞 (5828-joomla-3-9-23)
critical
143282phpMyAdmin 4.0.0 < 4.0.10.17 / 4.4.0 < 4.4.15.8 / 4.6.0 < 4.6.4 多个漏洞
critical
143274Drupal 7.x < 7.75 / 8.x < 8.8.12 / 8.9.x < 8.9.10 / 9.0.x < 9.0.9 多个漏洞 (SA-CORE-2020-013)
high
143273phpMyAdmin 4.0.x < 4.0.10.10 / 4.2.x < 4.2.13.3 / 4.3.x < 4.3.13.1 / 4.4.x < 4.4.6.1 多个漏洞(PMASA-2015-2、PMASA-2015-3)
medium
143272Atlassian JIRA < 7.13.18 / 8.0.x < 8.5.9 / 8.6.x < 8.12.1 信息泄露 (JRASERVER-71646)
medium
143262phpMyAdmin 4.3.x < 4.7.8 XSS (PMASA-2018-1)
medium
143253phpMyAdmin 4.7.x < 4.7.7 XSRF (PMASA-2017-9)
high
143126Drupal 7.x < 7.74 / 8.x < 8.8.11 / 8.9.x < 8.9.9 / 9.0.x < 9.0.8 RCE (SA-CORE-2020-012)
high
142904PHP 7.4.x < 7.4.12 DoS
medium
142894Citrix SD-WAN Center 10.2.x < 10.2.8 / 11.1.x < 11.1.2b / 11.2.x < 11.2.2 多个漏洞 (CTX285061)
critical
142893Zimbra Collaboration Server 9.x < 9.0.0 P2 XSS
medium
142892Zimbra Collaboration Server < 8.8.15 P10 / 9.x < 9.0.0 P3 无限制上传
high
142878Zimbra Collaboration Server < 8.8.15 P11 / 9.x < 9.0.0 P4 XSS
medium
142742Adobe Connect < 11.0.5 XSS (ASPB20-69)
medium
142596Dell OpenManage Server Administrator 路径遍历 (DSA-2020-172)
critical
142591PHP < 7.3.24 多种漏洞
high
142462Selligent Message Studio Struts 代码执行 (CVE-2013-2251)
critical
142420WordPress < 5.5.2 多个漏洞
critical
141847MySQL Enterprise Monitor 8.0.x < 8.0.22.1262 DoS(2020 年 10 月 CPU)
high
141828Atlassian JIRA < 8.5.9 / 8.6.x < 8.12.3 / 8.13.x < 8.13.1 XSS (JRASERVER-71652)
medium
141810WordPress Loginizer 插件 < 1.6.4 绑定 SQLi (CVE-2020-27615)
critical