Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 18893

18893 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

CVE IDTitleCVSSSeverityPublished
CVE-2024-4344 Shield Security – Smart Bot Blocking & Intrusion Prevention Security <= 19.1.13 - Cross-Site Request Forgery — Shield: Blocks Bots, Protects Users, and Prevents Security BreachesCWE-352 4.3 Medium2024-06-02
CVE-2024-3820 wpDataTables - Tables & Table Charts (Premium) <= 6.3.1 - Unauthenticated SQL Injection — wpDataTables (Premium)CWE-89 10.0 Critical2024-06-01
CVE-2024-3821 wpDataTables - Tables & Table Charts (Premium) <= 6.3.2 - Missing Authorization to DataTable Access & Modification — wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts PluginCWE-862 7.3 High2024-06-01
CVE-2024-1324 QQWorld Auto Save Images <= 1.9.8 - Missing Authorization to Arbitrary Post Content Retrieval — QQWorld Auto Save ImagesCWE-862 5.3 Medium2024-06-01
CVE-2024-29822 Ivanti EPM SQL注入漏洞 — EPM 8.8 -2024-05-31
CVE-2024-29823 Ivanti EPM SQL注入漏洞 — EPM 8.8 -2024-05-31
CVE-2024-29824 Ivanti EPM SQL注入漏洞 — EPM 8.8 -2024-05-31
CVE-2024-29825 Ivanti EPM SQL注入漏洞 — EPM 8.8 -2024-05-31
CVE-2024-29826 Ivanti EPM SQL注入漏洞 — EPM 8.8 -2024-05-31
CVE-2024-29827 Ivanti EPM SQL注入漏洞 — EPM 8.8 -2024-05-31
CVE-2024-36108 Multiple Broken Function-Level Authorization vulnerabilities in casgate — casgateCWE-285 9.8 Critical2024-05-31
CVE-2024-23692 Rejetto HTTP File Server 2.3m Unauthenticated RCE — HTTP File ServerCWE-1336 9.8 Critical2024-05-31
CVE-2024-2793 Visual Website Collaboration, Feedback & Project Management – Atarim <= 3.30 - Unauthenticated Stored Cross-Site Scripting — Atarim – Visual Feedback, Review & AI CollaborationCWE-79 7.2 High2024-05-31
CVE-2024-2421 LenelS2 NetBox Improper Neutralization of Special Elements — NetBoxCWE-78 9.8AICriticalAI2024-05-30
CVE-2024-35431 ZKTeco ZKBioSecurity 安全漏洞 — n/a 7.5AIHighAI2024-05-30
CVE-2024-4426 Comparison Slider <= 1.0.5 - Cross-Site Request Forgery — Comparison SliderCWE-352 4.3 Medium2024-05-30
CVE-2024-3947 WP To Do <= 1.3.0 - Cross-Site Request Forgery via wptodo_settings — WP To DoCWE-352 4.3 Medium2024-05-30
CVE-2024-3945 WP To Do <= 1.3.0 - Cross-Site Request Forgery via wptodo_manage() — WP To DoCWE-352 4.3 Medium2024-05-30
CVE-2024-3943 WP To Do <= 1.3.0 - Cross-Site Request Forgery via wptodo_addcomment — WP To DoCWE-352 4.3 Medium2024-05-30
CVE-2024-4218 AffiEasy <= 1.1.6 - Cross-Site Request Forgery to Various Actions — AffiEasyCWE-352 6.5 Medium2024-05-30
CVE-2024-35284 Mitel MiContact Center Business 跨站脚本漏洞 — n/a 6.1AIMediumAI2024-05-29
CVE-2024-35283 Mitel MiContact Center Business 跨站脚本漏洞 — n/a 6.1AIMediumAI2024-05-29
CVE-2023-46297 Mercusys MW325R 安全漏洞 — n/a 5.3AIMediumAI2024-05-29
CVE-2024-4358 Registration Authentication Bypass Vulnerability — Telerik Report ServerCWE-290 9.8 Critical2024-05-29
CVE-2024-4611 AppPresser <= 4.3.2 - Improper Missing Encryption Exception Handling to Authentication Bypass — AppPresser – Mobile App FrameworkCWE-703 8.1 High2024-05-29
CVE-2024-0434 WordPress Tour & Travel Booking Plugin for WooCommerce – WpTravelly <= 1.7.1 - Missing Authorization via ttbm_new_place_save — Travelly – Tour & Travel Booking Manager for WooCommerce | Tour & Hotel Booking SolutionCWE-284 5.3 Medium2024-05-29
CVE-2024-5150 Login with phone number <= 1.7.26 - Authentication Bypass due to Missing Empty Value Check — OTP Login With Phone Number, OTP VerificationCWE-288 9.8 Critical2024-05-29
CVE-2024-5433 Path Traversal in Campbell Scientific CSI Web Server and RTMC — CSI Web Server and RTMCCWE-22 7.5AIHighAI2024-05-28
CVE-2024-35341 多款Anpviz产品 安全漏洞 — n/a 9.1AICriticalAI2024-05-28
CVE-2024-35342 多款Anpviz产品 安全漏洞 — n/a 5.3AIMediumAI2024-05-28

Vulnerabilities classified as access:pre-auth represent 18893 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.