偵測

Nessus 的 CGI abuses 系列

ID名稱嚴重性
269974Kibana 7.0.x <= 7.17.29 / 8.0.x <= 8.18.7 / 8.19.x <= 8.19.4 / 9.0.x <= 9.0.7 / 9.1.x <= 9.1.4 多個 XSS (ESA-2025-17, ESA-2025-20)
high
269973Kibana 7.0.x <= 7.17.29 / 8.0.x <= 8.18.7 / 8.19.x <= 8.19.3 / 9.0.x <= 9.0.6 / 9.1.x <= 9.1.3 XSS (ESA-2025-16)
high
269804Zimbra Collaboration Server 9.x < 9.0.0 Patch 39、 10.0.x < 10.0.13、 10.1.x < 10.1.5 XSS
medium
269803GitLab 13.12 <18.2.8/18.3 < 18.3.4/18.4 < 18.4.2 (CVE-2025-10004)
high
269802GitLab 18.3 < 18.3.4 / 18.4 < 18.4.2 (CVE-2025-11340)
high
269801GitLab 5.2 <18.2.8/18.3 < 18.3.4/18.4 < 18.4.2 (CVE-2025-2934)
medium
266443Splunk Enterprise 9.2.0 < 9.2.8、9.3.0 < 9.3.6、9.4.0 < 9.4.4 (SVD-2025-1001)
medium
266411Splunk Enterprise 9.2.0 < 9.2.8、9.3.0 < 9.3.6、9.4.0 < 9.4.4 (SVD-2025-1004)
medium
266410Splunk Enterprise 9.2.0 < 9.2.8、9.3.0 < 9.3.6、9.4.0 < 9.4.4 (SVD-2025-1002)
medium
266409Splunk Enterprise 9.2.0 < 9.2.8、9.3.0 < 9.3.6、9.4.0 < 9.4.4 (SVD-2025-1003)
medium
266359Splunk Enterprise 9.2.0 < 9.2.8、9.3.0 < 9.3.6、9.4.0 < 9.4.4、10.0.0 < 10.0.1 (SVD-2025-1005)
medium
266358Splunk Enterprise 9.2.0 < 9.2.8、9.3.0 < 9.3.6、9.4.0 < 9.4.4、10.0.0 < 10.0.1 (SVD-2025-1006)
high
266292Joomla 4.0.x < 4.4.14 / 5.0.x < 5.3.4 Joomla 5.3.4 安全性和錯誤修正版本 (5936-joomla-5-3-4-security-bugfix-release)
high
266222Mattermost Server 10.5.x < 10.5.10 / 10.11.0 URL 重新導向 (MMSA-2025-00511)
medium
266221Mattermost Server 9.11.x < 9.11.18 / 10.5.x < 10.5.9 / 10.11.0 授權繞過 (MMSA-2025-00502)
medium
266220Mattermost Server 10.5.x < 10.5.10 / 10.9.x < 10.9.5 / 10.10.x < 10.10.2 / 10.11.0 URL 重新導向 (MMSA-2025-00509)
high
266219Mattermost Server 10.10.x < 10.10.2 / 10.11.0 缺少授權 (MMSA-2025-00513)
medium
266069Apache Solr 6.6.x < 9.8.0 相對路徑遊走
medium
266024GitLab 11.10 <18.2.7/18.3 < 18.3.3/18.4 < 18.4.1 (CVE-2025-8014)
high
265988GitLab 17.2 <18.2.7/18.3 < 18.3.3/18.4 < 18.4.1 (CVE-2025-11042)
medium
265987GitLab 14.10 <18.2.7/18.3 < 18.3.3/18.4 < 18.4.1 (CVE-2025-9642)
high
265982GitLab 18.1 <18.2.7/18.3 < 18.3.3/18.4 < 18.4.1 (CVE-2025-10867)
low
265981GitLab 16.6 <18.2.7/18.3 < 18.3.3/18.4 < 18.4.1 (CVE-2025-7691)
medium
265961GitLab 17.4 <18.2.7/18.3 < 18.3.3/18.4 < 18.4.1 (CVE-2025-10868)
low
265960GitLab 17.10 <18.2.7/18.3 < 18.3.3/18.4 < 18.4.1 (CVE-2025-5069)
low
265959GitLab 16.6 <18.2.7/18.3 < 18.3.3/18.4 < 18.4.1 (CVE-2025-10871)
low
265958GitLab 14.10 <18.2.7/18.3 < 18.3.3/18.4 < 18.4.1 (CVE-2025-9958)
medium
265957GitLab < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-10858)
high
265948Dell Data Domain OS 命令插入 (DSA-2025-159)
high
265947Dell Data Domain OS 驗證繞過 (DSA-2025-159)
critical
265946Fortra GoAnywhere Managed File Transfer (MFT) < 7.8.1 存取控制損毀 (fi-2025-009)
medium
265889Apache Solr < 9.8.0 ConfigSet 權限提升透過 <lib> 插入 (CVE-2025-24814)
medium
265789Dotnetnuke < 10.1.0 使用後端系統管理員認證已儲存 XSS (CVE-2025-59546)
low
265757Dotnetnuke < 10.1.0 已儲存跨網站指令碼 (XSS) 在 Prompt 模組中 (CVE-2025-59545)
critical
265756Dotnetnuke < 10.1.0 使用 url 進行設定檔反射式跨網站指令碼 (XSS) (CVE-2025-59821)
medium
265752Dotnetnuke < 10.1.0 透過查詢參數在匿名用戶端上載入未使用的主題 (CVE-2025-59535)
medium
265721Dotnetnuke < 10.1.0 已儲存跨網站指令碼 (XSS) 在 Prompt 模組中 (GHSA-2qxc-mf4x-wr29)
high
265720Dotnetnuke < 10.1.0 使用後端系統管理員認證的已儲存 XSS (GHSA-gj8m-5492-q98h)
high
265718Dotnetnuke < 10.1.0 使用 url 來設定檔發生反射式跨網站指令碼 (XSS) (GHSA-jc4g-c8ww-5738)
high
265441Atlassian Confluence 2.0 < 8.5.24 / 8.6.x < 9.2.6 / 9.3.x < 9.5.2 / 10.0.x < 10.0.3 RCE (CONFSERVER-100795)
high
265438Fortra GoAnywhere Managed File Transfer (MFT) < 7.6.3 / 7.7.x < 7.8.4 還原序列化 (CVE-2025-10035)
critical
265328Openfire < 5.0.2 / 5.1.0 身分偽造
medium
265325Jenkins LTS < 2.516.3/Jenkins 每週版 < 2.528 多個弱點
high
264901Mattermost 伺服器 10.5.x < 10.5.9 / 10.8.x < 10.8.4 / 10.9.x < 10.9.4 / 10.10.x < 10.10.1 / 10.11.0 路徑遊走 (MMSA-2025-00501)
medium
264900Mattermost Server 9.11.x < 9.11.18 / 10.5.x < 10.5.9 / 10.8.x < 10.8.4 / 10.9.x < 10.9.4 / 10.10.x < 10.10.1 / 10.11.0 不當驗證 (MMSA-2025-00506)
medium
264899Mattermost Server 9.11.x < 9.11.18 / 10.5.x < 10.5.9 / 10.8.x < 10.8.4 / 10.9.x < 10.9.3 / 10.10.0 多個弱點 (MMSA-2025-00498, MMSA-2025-00499)
medium
264626Mattermost Server 9.11.x < 9.11.18 / 10.5.x < 10.5.9 / 10.8.x < 10.8.4 / 10.9.x < 10.9.3 / 10.10.x < 10.10.1 / 10.11.0 不受限制的檔案上傳 (MMSA-2025-00505)
medium
264625Mattermost Server 10.5.x < 10.5.9 / 10.10.0 不正確的授權 (MMSA-2025-00470)
medium
264624Mattermost Server 9.11.x < 9.11.18 / 10.5.x < 10.5.9 / 10.10.0 授權錯誤 (MMSA-2025-00485)
low
264600GitLab 10.7 <18.1.6/18.2 < 18.2.6/18.3 < 18.3.2 (CVE-2025-10094)
medium