Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 18844

18844 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

CVE IDTitleCVSSSeverityPublished
CVE-2025-9592 itsourcecode Apartment Management System bill_info.php sql injection — Apartment Management SystemCWE-89 7.3 High2025-08-28
CVE-2025-57819 FreePBX Affected by Authentication Bypass Leading to SQL Injection and RCE — endpointCWE-89 9.8AICriticalAI2025-08-28
CVE-2025-9376 Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection <= 11.58 - Insufficient Authorization to Unauthenticated Blocklist Bypass — Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam ProtectionCWE-863 6.5 Medium2025-08-28
CVE-2025-58081 DOS & CO SS1 安全漏洞 — SS1CWE-259 7.5 -2025-08-28
CVE-2025-58072 DOS & CO SS1 路径遍历漏洞 — SS1CWE-22 7.5 -2025-08-28
CVE-2025-54762 DOS & CO SS1 代码问题漏洞 — SS1CWE-434 9.8 -2025-08-28
CVE-2025-53970 DOS & CO SS1 代码问题漏洞 — SS1CWE-434 9.8 -2025-08-28
CVE-2025-52460 DOS & CO SS1 安全漏洞 — SS1CWE-552 7.5 -2025-08-28
CVE-2025-46409 DOS & CO SS1 加密问题漏洞 — SS1CWE-326 9.1 -2025-08-28
CVE-2025-7956 Ajax Search Lite <= 4.13.1 - Missing Authorization to Unauthenticated Basic Information Exposure via ASL_Query in AJAX Search Handler — Ajax Search Lite – Live Search & FilterCWE-862 5.3 Medium2025-08-28
CVE-2024-13807 Xagio SEO <= 7.1.0.5 - Unauthenticated Sensitive Information Exposure via Unprotected Back-Up Files — Xagio SEO – AI Powered SEOCWE-200 7.5 High2025-08-28
CVE-2025-7955 RingCentral Communications 1.5 - 1.6.8 - Missing Server‑Side Verification to Authentication Bypass via ringcentral_admin_login_2fa_verify Function — RingCentral Communications Plugin – FREECWE-287 9.8 Critical2025-08-28
CVE-2024-9648 WP ULike Pro <= 1.9.3 - Unauthenticated Limited Arbitrary File Upload — WP ULike ProCWE-434 6.1 Medium2025-08-28
CVE-2025-7812 Video Share VOD – Turnkey Video Site Builder Script <= 2.7.6 - Cross-Site Request Forgery to Command Injection — Video Share VOD – Turnkey Video Site Builder ScriptCWE-352 8.8 High2025-08-28
CVE-2025-8897 Beaver Builder Plugin (Lite Version) <= 2.9.2.1 - Reflected Cross-Site Scripting — Beaver Builder Page Builder – Drag and Drop Website BuilderCWE-79 6.1 Medium2025-08-28
CVE-2025-51643 Meitrack T366G-L GPS Tracker 安全漏洞 — n/a 4.6 -2025-08-28
CVE-2025-52054 Tenda AC8 安全漏洞 — n/a 9.8 -2025-08-28
CVE-2025-55583 D-Link DIR-868L 安全漏洞 — n/a 9.8 -2025-08-28
CVE-2024-13979 St. Joe ERP System SingleRowQueryConverter SQL Injection — St. Joe ERP System ("圣乔ERP系统")CWE-89 9.4AICriticalAI2025-08-27
CVE-2024-13982 SPON IP Network Intercom System rj_get_token.php Arbitrary File Read — SPON IP Network Broadcast SystemCWE-22 9.1AICriticalAI2025-08-27
CVE-2023-7308 SecGate3600 Firewall Information Disclosure via authManageSet.cgi — SecGate3600 FirewallCWE-306 7.5AIHighAI2025-08-27
CVE-2023-7307 Sangfor Behavior Management System XML External Entity Injection — Sangfor Behavior Management System (DC Management System)CWE-611 9.8AICriticalAI2025-08-27
CVE-2024-13984 Qi'anxin TianQing Management Center rptsvr Arbitrary File Upload — TianQing Management CenterCWE-73 9.8AICriticalAI2025-08-27
CVE-2024-13981 LiveBos UploadFile.do Arbitrary File Upload — LiveBOSCWE-434 9.8AICriticalAI2025-08-27
CVE-2024-13980 H3C Intelligent Management Center (iMC) /byod/index.xhtml RCE — Intelligent Management Center (iMC)CWE-502 9.8AICriticalAI2025-08-27
CVE-2025-34163 Dongsheng Logistics Software Unauthenticated Arbitrary File Upload — Dongsheng Logistics SoftwareCWE-434 9.8AICriticalAI2025-08-27
CVE-2018-25115 D-Link DIR-110/412/600/615/645/815 RCE via service.cgi — DIR-110CWE-78 9.8AICriticalAI2025-08-27
CVE-2023-7309 Dahua Smart Park Integrated Management Platform Front-End Arbitrary File Upload — Smart Park Integrated Management PlatformCWE-434 9.8AICriticalAI2025-08-27
CVE-2024-13985 Dahua EIMS capture_handle.action RCE — EIMSCWE-78 9.8AICriticalAI2025-08-27
CVE-2025-34162 Bian Que Feijiu Intelligent Emergency and Quality Control System SQL Injection via GetLyfsByParams — Bian Que Feijiu Intelligent Emergency and Quality Control SystemCWE-89 9.8AICriticalAI2025-08-27

Vulnerabilities classified as access:pre-auth represent 18844 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.