RSAS V6.0 Web Plugin Upgrade Package Upgrade List

Name: rsas-vulweb-V6.0R02F00.3603.dat Version:6.0.36.3
MD5:ffd08d9f841c7501fff070ccaa881431 Size:5.68M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3602 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3602 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3603 .

The upgrade package includes the following updates:
1. Add Custom vulnerability detection plugin Plug-in.
2. Add CyberPanel upgrademysqlstatus Remote Command Execution Vulnerability (CVE-2024-51567 CVE-2024-51568) Plug-in.
3. Add VMware vSphere Client Path Traversal Vulnerability (CVE-2021-21972) Plug-in.
4. Add Zyxel NAS520 Operating System Command Injection Vulnerability (CVE-2020-9054) Plug-in.
5. Add Movable Type XMLRPC Operating System Command Injection Vulnerability (CVE-2021-20837) Plug-in.
6. Add MinIO Unauthorized Server-Side Request Forgery Vulnerability (CVE-2021-21287) Plug-in.
7. Add Apache Tomcat Deserialization Remote Code Execution Vulnerability (CVE-2020-9484) Plug-in.
8. Add Buffalo WSR-2533DHPL2 Path Traversal Vulnerability (CVE-2021-20090) Plug-in.
9. Add VICIdial Information Disclosure Vulnerability (CVE-2021-28854) Plug-in.
10. Add emlog Directory Traversal Vulnerability (CVE-2021-3293) Plug-in.
11. Add OpenOlat Directory Traversal Vulnerability (CVE-2021-27748) Plug-in.
12. Add systeminformation Command Injection Vulnerability (CVE-2021-21315) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-11-22 17:37:09
Name: rsas-vulweb-V6.0R02F00.3602.dat Version:6.0.36.2
MD5:c341637a4c8cce7fa07332fc9e7cab26 Size:1.13M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3601 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3601 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3602 .

The upgrade package includes the following updates:
1. Add Vmware vSphere Client Improper Input Validation Vulnerability (CVE-2021-21985) Plug-in.
2. Add VMware vCenter Server Analytics Server Path Traversal Vulnerability (CVE-2021-22005) Plug-in.
3. Add WordPress Secure Copy Content Protection and Content Locking Plugin SQL Injection Vulnerability (CVE-2021-24931) Plug-in.
4. Add RaspAP Operating System Command Injection Vulnerability (CVE-2021-33357) Plug-in.
5. Add ZOHO ManageEngine Apache xmlsec Security Vulnerability (CVE-2022-47966) Plug-in.
6. Add Cobbler Remote Code Execution Vulnerability (CVE-2021-40323) Plug-in.
7. Add pfSense diag_routes.php Code Injection Vulnerability (CVE-2021-41282) Plug-in.
8. Add KubePi JWT Default Key Permission Bypass Vulnerability (CVE-2023-22463) Plug-in.
9. Add Lexmark Remote Code Execution Vulnerability (CVE-2023-26067) Plug-in.
10. Add HTTP Missing Secure Header Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-11-08 19:22:24
Name: rsas-vulweb-V6.0R02F00.3601.dat Version:6.0.36.1
MD5:35b2b47b9b8348c47ef5761ff5002050 Size:1.11M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3600 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3600 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3601 .

The upgrade package add 31 plugins, including but not limited to:
1. Add Gurock TestRail Information Disclosure Vulnerability (CVE-2021-40875) Plug-in.
2. Add ChronoEngine ChronoForms Path Traversal Vulnerability (CVE-2021-28377) Plug-in.
3. Add Redash Default Session Forgery Vulnerability (CVE-2021-41192) Plug-in.
4. Add Crestron HD-MD4X2-4K-E HDMI Authentication Bypass Vulnerability (CVE-2022-23178) Plug-in.
5. Add Minio External IDP Improper Access Control Vulnerability (CVE-2021-41266) Plug-in.
6. Add ForgeRock AM Remote Code Execution Vulnerability (CVE-2021-35464) Plug-in.
7. Add Auerswald Compact Series Firmware Backdoor Vulnerability (CVE-2021-40859) Plug-in.
8. Add Land Software FAUST iServer Path Traversal Vulnerability (CVE-2021-34805) Plug-in.
9. Add WordPress Zoomsounds Plugin Directory Traversal Vulnerability (CVE-2021-39316) Plug-in.
10. Add Dahua IPC Authentication Bypass Vulnerability (CVE-2021-33044) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-10-25 18:14:53
Name: rsas-vulweb-V6.0R02F00.3600.dat Version:6.0.36.0
MD5:053cc0f6fc68d1089e9e2193994eae6d Size:1.64M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.35* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3600 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.3501.dat to rsas-vulweb-V6.0R02F00.3528.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-09-30 14:47:11
Name: rsas-vulweb-V6.0R02F00.3528.dat Version:6.0.35.28
MD5:1e973e0d7158f5cdf60d84b994acaaeb Size:1.30M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3527 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3527 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3528 .

The upgrade package includes the following updates:
1. Add Chanjet T+ /tplus/ajaxpro/Ufida.T.SM.UIP.MultiCompanyController,Ufida.T.SM.UIP.ashx SQL Injection Vulnerability Plug-in.
2. Add NSFOCUS SAS Bastion Machine /webconf/Exec Remote Code Execution Vulnerability Plug-in.
3. Add NetentSec NS-ASG Security Gateway /protocol/index.php Remote Command Execution Vulnerability Plug-in.
4. Add Landray EIS Smart Collaboration Platform /eis/service/api.aspx Arbitrary File Upload Vulnerability Plug-in.
5. Add Tongda OA /interface/auth.php Path SQL Injection Vulnerability Plug-in.
6. Add Tongda OA /module/AIP/get_file.php Arbitrary File Download Vulnerability Plug-in.
7. Add Tongda OA /scoredate/result.php Path SQL Injection Vulnerability Plug-in.
8. Add K3 Apusic Server /admin//protect/jndi/loadTree LDAP Injection Vulnerability Plug-in.
9. Add Ruijie EWEB /cgi-bin/luci/api/auth Remote Command Execution Vulnerability Plug-in.
10. Add BQE BillQuick Web Suite SQL Injection Vulnerability (CVE-2021-42258) Plug-in.
11. Add Microsoft Exchange Server Security Vulnerability (CVE-2021-41349) Plug-in.
12. Add Payara Micro Community Path Traversal Vulnerability (CVE-2021-41381) Plug-in.
13. Add Sitecore XP Deserialization Vulnerability (CVE-2021-42237) Plug-in.
14. Add Keking KkFileview Directory Traversal Vulnerability (CVE-2021-43734) Plug-in.
15. Add Caucho Resin Directory Traversal Vulnerability (CVE-2021-44138) Plug-in.
16. Add ZOHO ManageEngine Desktop Central MSP Authorization Bypass Vulnerability (CVE-2021-44515) Plug-in.
17. Add UpdateStar HD-Network Real Time Monitoring System Directory Traversal Vulnerability (CVE-2021-45043) Plug-in.
18. Add ZOHO ManageEngine ServiceDesk Plus Improper Access Control Vulnerability (CVE-2021-44077) Plug-in.
19. Add SpringBlade Framework Default SIGN_KEY Information Disclosure Vulnerability (CVE-2021-44910) Plug-in.
20. Add SolarWinds Web Help Desk Trust Management Vulnerability (CVE-2024-28987) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-09-29 08:01:54
Name: rsas-vulweb-V6.0R02F00.3527.dat Version:6.0.35.27
MD5:b9f311f59ac3a2d971fc8a71c8267cba Size:855.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3526 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3526 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3527 .

The upgrade package includes the following updates:
1. Add Weaver e-cology ModeDateService Interface SQL Injection Vulnerability Plug-in.
2. Add Weaver E-Mobile cdnfile Interface Arbitrary File Read Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-09-25 14:44:06
Name: rsas-vulweb-V6.0R02F00.3526.dat Version:6.0.35.26
MD5:0e8b8e81879fd3a584e58b24a6739f1b Size:1.09M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3525 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3525 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3526 .

The upgrade package includes the following updates:
1. Add WAVLINK Wireless Router nightled.cgi Command Injection Vulnerability (CVE-2022-2487) Plug-in.
2. Add WordPress Plugin User Post Gallery Code Injection Vulnerability (CVE-2022-4060) Plug-in.
3. Add dotCMS ContentResource API File Write Vulnerability (CVE-2022-26352) Plug-in.
4. Add Contec SolarView Compact conf_mail.php Command Injection Vulnerability (CVE-2022-29303) Plug-in.
5. Add Nortek Control Linear eMerge E3-Series Administrative Credential Plaintext Storage Vulnerability (CVE-2022-31269) Plug-in.
6. Add pfSense pfBlockerNG Command Injection Vulnerability (CVE-2022-31814) Plug-in.
7. Add Lin CMS Spring Boot Backend Information and Functionality Access Vulnerability (CVE-2022-32430) Plug-in.
8. Add Hytec Inter HWL-2511-SS popen.cgi Command Injection Vulnerability (CVE-2022-36553) Plug-in.
9. Add RaspAP Command Injection Vulnerability (CVE-2022-39986) Plug-in.
10. Add Hitachi Vantara Pentaho Business Analysis Server Code Injection Vulnerability (CVE-2022-43769) Plug-in.
11. Add Weaver /json.php SQL Injection Vulnerability Plug-in.
12. Add DAS-SECURITY Dbappsecurity Security Gateway aaa_portal_auth_local_submit Remote Command Execution Vulnerability Plug-in.
13. Add DAS-SECURITY Dbappsecurity Security Gateway aaa_local_web_preview Remote Command Execution Vulnerability Plug-in.
14. Add Yonyou nc cloud /ncchr/pm/fb/attachment/uploadChunk Arbitrary File Upload Vulnerability Plug-in.
15. Add Yonyou NC/NCC /uapjs/jsinvoke Arbitrary File Upload Vulnerability Plug-in.
16. Add Yonyou TurboCRM /ajax/getemaildata.php Arbitrary File Download Vulnerability Plug-in.
17. Add Yonyou TurboCRM /getemaildata.php Path Arbitrary File Upload Vulnerability Plug-in.
18. Add Yonyou Ufida /hrss/ELTextFile.load.d Arbitrary File Read Vulnerability Plug-in.
19. Add Yonyou Ufida /hrss/ref.show.d SQL Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-09-06 19:42:37
Name: rsas-vulweb-V6.0R02F00.3525.dat Version:6.0.35.25
MD5:85661cdd585ac6f6799e0c84b65654e8 Size:859.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3524 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3524 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3525 .

The upgrade package includes the following updates:
1. Add SRM Smartlink Cloud Mining System Login Bypass Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-08-30 19:19:33
Name: rsas-vulweb-V6.0R02F00.3524.dat Version:6.0.35.24
MD5:547fc8306e3dc038cd91302c31ea4da6 Size:986.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3523 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3523 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3524 .

The upgrade package includes the following updates:
1. Add Cloud Platform Login Bypass Vulnerability in Zhuhai Xinhua Tong Software Co. Plug-in.
2. Add DCN firewall command execution vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-08-30 14:00:08
Name: rsas-vulweb-V6.0R02F00.3523.dat Version:6.0.35.23
MD5:253fd180ceb09b3ade849191e399cd39 Size:910.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3522 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3522 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3523 .

The upgrade package includes the following updates:
1. Add Inspur GS Enterprise Management Software uploadlistfile Arbitrary File Upload Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-08-28 14:15:59
Name: rsas-vulweb-V6.0R02F00.3522.dat Version:6.0.35.22
MD5:cec34f0078f7160576bb599fa0309c34 Size:858.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3521 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3521 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3522 .

The upgrade package includes the following updates:
1. Add There is an SQL Injection vulnerability in the MeasureQResultAction interface of UFIDA U8 Cloud Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-08-25 21:08:31
Name: rsas-vulweb-V6.0R02F00.3521.dat Version:6.0.35.21
MD5:318386c9513387b5119048e809b702ec Size:1008.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3520 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3520 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3521 .

The upgrade package includes the following updates:
1. Add Raisecom multi-service intelligent gateway contains multiple remote command execution vulnerabilities Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-08-23 17:16:23
Name: rsas-vulweb-V6.0R02F00.3520.dat Version:6.0.35.20
MD5:b5b900a33eb7e070560404fdd9d0fbb3 Size:1.06M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3519 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3519 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3520 .

The upgrade package includes the following updates:
1. Add Hikvision Comprehensive Security Management Platform /resourceOperations/upload Path Arbitrary File Upload Vulnerability Plug-in.
2. Add Hikvision Comprehensive Security Management Platform /svm/api/v1/productFile Path Arbitrary File Upload Vulnerability Plug-in.
3. Add Hikvision Comprehensive Security Management Platform /center/api/session Deserialization Vulnerability Plug-in.
4. Add Sangfor SSLVPN /por/checkurl.csp Path Remote Command Execution Vulnerability Plug-in.
5. Add Yonyou GRP-U8 /UploadFileData Arbitrary File Upload Vulnerability Plug-in.
6. Add Yonyou GRP-U8 /listSelectDialogServlet SQL Injection Vulnerability Plug-in.
7. Add Yonyou GRP-U8 /U8AppProxy Arbitrary File Upload Vulnerability Plug-in.
8. Add UniNXG Secure Data Exchange System SQL Injection Vulnerability Plug-in.
9. Add Prometheus Metrics Unauthorized Access Vulnerability Plug-in.
10. Add Prometheus Unauthorized Access Vulnerability Plug-in.
11. Add Apache Kafka Unauthorized Access Vulnerability Plug-in.
12. Add Ming Yuan ERP System SQL Injection Vulnerability Plug-in.
13. Add TRS Media Asset Management System uploadThumb File Upload Vulnerability Plug-in.
14. Add Bangyong PM2 Project Management System Arbitrary File Upload Vulnerability Plug-in.
15. Add Tenda FH1201 Router Command Injection Vulnerability (CVE-2024-41473) Plug-in.
16. Add Tenda FH1201 Router Command Injection Vulnerability (CVE-2024-41468) Plug-in.
17. Add Landray EIS Smart Collaboration Platform Multiple Interfaces SQL Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-08-16 18:02:09
Name: rsas-vulweb-V6.0R02F00.3519.dat Version:6.0.35.19
MD5:c29b5184cc536d188fb5f60bb7647d92 Size:1010.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3518 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3518 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3519 .

The upgrade package includes the following updates:
1. Add SanYi Technology Vehicle Monitoring Service Platform has an SQL injection vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-08-15 16:14:43
Name: rsas-vulweb-V6.0R02F00.3518.dat Version:6.0.35.18
MD5:c85f97250369c811715db2d866e5ac4a Size:849.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3517 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3517 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3518 .

The upgrade package includes the following updates:
1. Add Yonyou UFIDA NC Link interface contains an SQL injection vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-08-15 14:43:46
Name: rsas-vulweb-V6.0R02F00.3517.dat Version:6.0.35.17
MD5:9c98c625fbf6186693ae4ac7f97dfa03 Size:984.6K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3516 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3516 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3517 .

The upgrade package includes the following updates:
1. Add Raisecom Multi-Business Gateway Remote Command Execution Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-08-14 16:55:17
Name: rsas-vulweb-V6.0R02F00.3516.dat Version:6.0.35.16
MD5:66ffedcae9ec2acab538e91374573a73 Size:994.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3515 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3515 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3516 .

The upgrade package includes the following updates:
1. Add pyload Code Injection Vulnerability (CVE-2023-0297) Plug-in.
2. Add Sophos Web Appliance Pre-Authorization Command Injection Vulnerability (CVE-2023-1671) Plug-in.
3. Add Cisco IOS XE Component Privilege Escalation Vulnerability (CVE-2023-20198) Plug-in.
4. Add VMware VRealize Network Command Injection Vulnerability (CVE-2023-20887) Plug-in.
5. Add The WordPress Login with Phone Number Plugin SQL Injection Vulnerability (CVE-2023-23492) Plug-in.
6. Add MeterSphere API Improper Access Control Vulnerability (CVE-2023-25573) Plug-in.
7. Add Atheros SmartZone Remote Code Execution Vulnerability (CVE-2023-25717) Plug-in.
8. Add Adobe ColdFusion Arbitrary File Read Vulnerability (CVE-2023-26360) Plug-in.
9. Add Altenergy Power System Control Software Command Injection Vulnerability (CVE-2023-28343) Plug-in.
10. Add Adobe ColdFusion Deserialization Code Execution Vulnerability (CVE-2023-29300) Plug-in.
11. Add STAGIL Navigation Plugin Path Traversal Vulnerability (CVE-2023-26255) Plug-in.
12. Added two high and one weak special vulnerability scanning templates.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-08-13 15:38:54
Name: rsas-vulweb-V6.0R02F00.3515.dat Version:6.0.35.15
MD5:56c39bd661fe11f73d709d2d7540c738 Size:991.6K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3514 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3514 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3515 .

The upgrade package includes the following updates:
1. Add PowerPMS APPGetUser SQL Injection Vulnerability Plug-in.
2. Add Whir OA OfficeServer Arbitrary File Upload Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-08-12 20:26:55
Name: rsas-vulweb-V6.0R02F00.3514.dat Version:6.0.35.14
MD5:a62dc430fa1a69c81c263706ac58641b Size:827.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3513 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3513 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3514 .

The upgrade package includes the following updates:
1. Add E-office10 schema_mysql Sensitive Information Disclosure Vulnerability Plug-in.
2. Add JeecgBoot show Remote Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-08-09 15:23:07
Name: rsas-vulweb-V6.0R02F00.3513.dat Version:6.0.35.13
MD5:8281f8095ee069e0b0594c56aa618574 Size:830.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3512 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3512 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3513 .

The upgrade package includes the following updates:
1. Add The Weaver OA HrmService interface has an information disclosure vulnerability Plug-in.
2. Add H3C iMC Intelligent Management Center has a remote code execution vulnerability affecting multiple interfaces Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-08-08 10:54:21
Name: rsas-vulweb-V6.0R02F00.3512.dat Version:6.0.35.12
MD5:9bb02f745e19f1b5a00d83c73e9de37e Size:826.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3511 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3511 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3512 .

The upgrade package includes the following updates:
1. Add The Yisaitong Electronic Document Security Management System has an SQL injection vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-08-07 16:32:58
Name: rsas-vulweb-V6.0R02F00.3511.dat Version:6.0.35.11
MD5:831c1616874a75469236bbd51a0aa8eb Size:982.6K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3510 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3510 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3511 .

The upgrade package includes the following updates:
1. Add TVT DVR Information Disclosure Vulnerability (CVE-2024-7339) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-08-06 15:25:02
Name: rsas-vulweb-V6.0R02F00.3510.dat Version:6.0.35.10
MD5:5aaa91eb7f7871bbe73ca31836503b0a Size:1000.6K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3509 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3509 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3510 .

The upgrade package includes the following updates:
1. Add Apache OFBiz has a remote command execution vulnerability (CVE-2024-38856). Plug-in.
2. Add The ContractLock e-signature platform has an arbitrary command execution vulnerability in the `param/edits` endpoint. Plug-in.
3. Add The JinanWave CloudLink application system has a remote command execution vulnerability in the GNRemote.dll component Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-08-05 16:50:18
Name: rsas-vulweb-V6.0R02F00.3509.dat Version:6.0.35.9
MD5:0a63ea07b3e6282e1a3ca1c0863679a9 Size:1.06M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3508 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3508 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3509 .

The upgrade package includes the following updates:
1. Add HJSOFT Human Resources Management System /servlet/DisplayFiles Path Arbitrary File Read Vulnerability Plug-in.
2. Add HJSOFT Human Resources Management System /uploadFile Path Arbitrary File Upload Vulnerability Plug-in.
3. Add Glodon /Services/Identification/Server/test.aspx Information Disclosure Vulnerability Plug-in.
4. Add CAIMORE Gateway /goform/formping Remote Code Execution Vulnerability Plug-in.
5. Add Ming Yuan Cloud ERP Interface Manager /myunke/ApiUpdateTool/ApiUpdate.ashx Arbitrary File Upload Vulnerability Plug-in.
6. Add Weaver E-Office /general/file_folder/file_new/neworedit/download.php Arbitrary File Read Vulnerability Plug-in.
7. Add Weaver E-Office /general/weibo/javascript/LazyUploadify/uploadify.php Arbitrary File Upload Vulnerability Plug-in.
8. Add Weaver E-Office /general/weibo/javascript/uploadify/uploadify.php Arbitrary File Upload Vulnerability Plug-in.
9. Add Weaver E-office /json_common.php SQL Injection Vulnerability Plug-in.
10. Add Weaver E-office 9.5 /E-mobile/App/System/UserSelect/index.php SQL Injection Vulnerability Plug-in.
11. Add EnterSoft Customer Resource Management System /entsoft/MailAction.entphone Arbitrary File Upload Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-08-03 16:33:17
Name: rsas-vulweb-V6.0R02F00.3508.dat Version:6.0.35.8
MD5:c1bdc914854e7305f8adabda676b579b Size:1.02M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3507 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3507 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3508 .

The upgrade package includes the following updates:
1. Add Jeecg-Boot permission bypass vulnerability in the report component Plug-in.
2. Add Yearning exists directory traversal vulnerability (CVE-2022-27043) Plug-in.
3. Add Fang Tianyun GetCompanyItem has a SQL injection vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-07-31 16:14:15
Name: rsas-vulweb-V6.0R02F00.3507.dat Version:6.0.35.7
MD5:eadd58c8ca48e5ba4ee4f168fa63cfd4 Size:846.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3506 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3506 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3507 .

The upgrade package includes the following updates:
1. Add Tianwen Property ERP System ContractDownLoad.aspx arbitrary file reading vulnerability Plug-in.
2. Add Huatian Power OA Downloader WPSFILE Arbitrary file Reading Vulnerability Plug-in.
3. Add Tongda OA privateUpload.php Front-end arbitrary file upload vulnerability Plug-in.
4. Add Tongda OA paction_upload.php front arbitrary file upload vulnerability Plug-in.
5. Add Tongda OA go.php interface has SQL injection vulnerability. Plug-in.
6. Add Tongda OA search_excel.php interface has SQL injection vulnerability. Plug-in.
7. Add Tongda OA use_finger.php interface has SQL injection vulnerability. Plug-in.
8. Add Tongda OA get_file.php has a file download vulnerability. Plug-in.
9. Add Hikvision Integrated Security Management Platform Remote Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-07-30 11:08:16
Name: rsas-vulweb-V6.0R02F00.3506.dat Version:6.0.35.6
MD5:7551c82af09c10db431f87f9bd47eeaa Size:1020.2K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3505 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3505 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3506 .

The upgrade package includes the following updates:
1. Add FanRuan decision/remote/design/channel Deserialization Vulnerability Plug-in.
2. Add Weaver e-cology WorkPlanService front-end SQL injection vulnerability Plug-in.
3. Add Keytop fully intelligent parking charging system Webervice.asmx arbitrary file upload vulnerability Plug-in.
4. Add Weaver E-Mobile installOperate.do has a server request forgery vulnerability. Plug-in.
5. Add The querygoodsgridbycode interface of the UFIDA NC system has a SQL injection vulnerability. Plug-in.
6. Add TOTOLINK A6000R apcli_do_enr_pin_wps REMOTE COMMAND EXECUTION VULNERABILITY Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-07-25 18:38:58
Name: rsas-vulweb-V6.0R02F00.3505.dat Version:6.0.35.5
MD5:be47e03921713c938c3ea10d5dec499a Size:979.2K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3504 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3504 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3505 .

The upgrade package includes the following updates:
1. Add Tianwen property ERP system AreaAvatarDownLoad.aspx arbitrary file reading vulnerability Plug-in.
2. Add Glodon LinkWorks ArchiveWebService.asmx interface XML entity injection vulnerability Plug-in.
3. Add Raqsoft Reports dataSphereServlet Arbitrary File Upload Vulnerability Plug-in.
4. Add Raqsoft Reports dataSphereServlet Interface Arbitrary File Read Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-07-25 11:49:51
Name: rsas-vulweb-V6.0R02F00.3504.dat Version:6.0.35.4
MD5:ad394c8bd829097271e22489252bb5ea Size:1.00M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3503 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3503 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3504 .

The upgrade package includes the following updates:
1. Add Venusstar Tianqing Hanma VPN Arbitrary File Read Vulnerability Plug-in.
2. Add The disable interface of G-SKY CMSV6 vehicle positioning monitoring platform has a SQL injection vulnerability Plug-in.
3. Add Seeyon OA fileUpload.do has a file upload vulnerability. Plug-in.
4. Add Seeyon AnalyticsCloud Arbitrary File Reading Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-07-23 20:14:25
Name: rsas-vulweb-V6.0R02F00.3503.dat Version:6.0.35.3
MD5:ca9b1f4dd415edb7720cbf5973f488a2 Size:1.07M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3502 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3502 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3503 .

The upgrade package add 33 plugins, including but not limited to:
1. Add Western Digital My Cloud /cgi-bin/nas_sharing.cgi Remote Command Execution Vulnerability Plug-in.
2. Add Wanhu OA /defaultroot/platform/portal/layout/common/upload.jsp Arbitrary File Upload Vulnerability Plug-in.
3. Add Wanhu OA /defaultroot/platform/portal/portlet/pic/pic.jsp SQL Injection Vulnerability Plug-in.
4. Add Wanhu OA /defaultroot/yzConvertFile/file2Html.controller Arbitrary File Upload Vulnerability Plug-in.
5. Add TG-NET Holographic AI Weak Current Network Comprehensive Operation and Maintenance Platform Remote Command Execution Vulnerability Plug-in.
6. Add Dahua Intelligent IoT Comprehensive Management Platform /evo-apigw/evo-face/personInfo/page Information Disclosure Vulnerability Plug-in.
7. Add Dahua Smart Park Comprehensive Management Platform /deleteFtp Path FastJson Remote Code Execution Vulnerability Plug-in.
8. Add Dahua Smart Park Comprehensive Management Platform /emap/webservice/gis/soap/bitmap Arbitrary File Upload Vulnerability Plug-in.
9. Add Dahua Smart Park Comprehensive Management Platform /emap/webservice/gis/soap/poi Path Arbitrary File Upload Vulnerability Plug-in.
10. Add Dahua Smart Park Comprehensive Management Platform /ipms/barpay/pay Path FastJson Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-07-19 17:07:18
Name: rsas-vulweb-V6.0R02F00.3502.dat Version:6.0.35.2
MD5:0fb32f362d2f0b92bb916faebdf64d92 Size:1.03M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3501 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3501 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3502 .

The upgrade package includes the following updates:
1. Add JeecgBoot /commonController.do Arbitrary File Upload Vulnerability Plug-in.
2. Add Panabit iXCache /cgi-bin/Maintain/date_config Remote Command Execution Vulnerability Plug-in.
3. Add Panabit Log System /sy_addmount.php Path Remote Command Execution Vulnerability Plug-in.
4. Add TongdaOA share/handle.php File SQL Injection Vulnerability Plug-in.
5. Add VMware vCenter Server /eam/vib Path Arbitrary File Read Vulnerability Plug-in.
6. Add IDocView /system/cmd.json Arbitrary Command Execution Vulnerability Plug-in.
7. Add Imo Cloud Office System /get_file.php Path Remote Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-07-12 18:00:43
Name: rsas-vulweb-V6.0R02F00.3501.dat Version:6.0.35.1
MD5:82b6c38f7e721375ad443fb27c43120e Size:1.06M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3500 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3500 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3501 .

The upgrade package includes the following updates:
1. Add Seeyon OA saveFormula4Cloud Interface JNDI Injection Vulnerability Plug-in.
2. Add EASFENET Document Security Management System SaveCDGPermissionFromGFOA SQL Injection Vulnerability Plug-in.
3. Add HJSOFT HCM pos_dept_post Interface SQL Injection Vulnerability Plug-in.
4. Add Yonyou NC doPost Interface SQL Injection Vulnerability Plug-in.
5. Add Weaver E-Cology Arbitrary File Read Vulnerability Plug-in.
6. Add h3c secparh Bastion Machine /audit/data_provider.php Command Execution Plug-in.
7. Add Geovision IP Camera /PictureCatch.cgi Path Remote Command Execution Plug-in.
8. Add H3C Enterprise-Level Router /goform/aspForm Remote Code Execution Vulnerability Plug-in.
9. Add iDocView /html/2word Remote Code Execution Vulnerability Plug-in.
10. Add NetMizer Traffic Management System cmd.php Remote Command Execution Vulnerability Plug-in.
11. Add REALOR GWT System GetBSAppUrl SQL Injection Vulnerability Plug-in.
12. Add GeoServer wfs Remote Command Execution Vulnerability (CVE-2024-36401) Plug-in.
13. Add Dahua DSS Digital Surveillance System-user_edit.action-Information Disclosure Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-07-05 19:03:17
Name: rsas-vulweb-V6.0R02F00.3500.dat Version:6.0.35.0
MD5:2ed1e3768f962ad280a8f02ad3a37b18 Size:1.44M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.34* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3500 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.3401.dat to rsas-vulweb-V6.0R02F00.3407.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-06-28 14:42:28
Name: rsas-vulweb-V6.0R02F00.3407.dat Version:6.0.34.7
MD5:36eec60ea4fb8f3062bc41b7d5d9274f Size:1.03M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3406 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3406 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3407 .

The upgrade package includes the following updates:
1. Add Hikvision Comprehensive Security Management Platform applyAutoLoginTicket Remote Code Execution Vulnerability Plug-in.
2. Add Meite CRM upload.jsp File Upload RCE Vulnerability Plug-in.
3. Add Yonyou Chanjet TPlus-keyEdit.aspx SQL Injection Vulnerability Plug-in.
4. Add Ruijie RG-EW1200G Wireless Router Login Bypass Vulnerability (CVE-2023-4415) Plug-in.
5. Add HJSOFT e-HR showmedia.jsp SQL Injection Vulnerability Plug-in.
6. Add Hikvision Comprehensive Security Management Platform download Arbitrary File Read Vulnerability Plug-in.
7. Add Apache OFBiz Path Traversal Vulnerability (CVE-2024-36104) Plug-in.
8. Add Check Point Security Gateway Information Disclosure Vulnerability (CVE-2024-24919) Plug-in.
9. Add PHP-CGI Parameter Injection Vulnerability (CVE-2024-4577) Plug-in.
10. Add Yonyou NC System downCourseWare Arbitrary File Read Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-06-21 23:42:12
Name: rsas-vulweb-V6.0R02F00.3406.dat Version:6.0.34.6
MD5:5f177d74f68018d0e3507e8aaf922394 Size:945.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3405 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3405 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3406 .

The upgrade package includes the following updates:
1. Add XWiki Platform Remote Code Execution Vulnerability (CVE-2023-37462) Plug-in.
2. Add modoboa Permission Bypass Vulnerability (CVE-2023-0777) Plug-in.
3. Add HJSOFT e-HR showmediainfo SQL Injection Vulnerability Plug-in.
4. Add Nexus Repository Path Traversal Vulnerability (CVE-2024-4956) Plug-in.
5. Add Gradio Server-Side Request Forgery Vulnerability (CVE-2024-1183) Plug-in.
6. Add H2O Server Unauthorized File Read Vulnerability (CVE-2023-6038) Plug-in.
7. Add Yonyou U8 cloud System XChangeServlet Interface XXE Vulnerability Plug-in.
8. Add Weaver e-cology jqueryFileTree.jsp Directory Traversal Vulnerability Plug-in.
9. Add HJSOFT eHR OutputCode Interface Arbitrary File Read Vulnerability Plug-in.
10. Add HJSOFT eHR fieldsettree Interface SQL injection vulnerability Plug-in.
11. Add Yonyou NC complainbilldetail Interface SQL Injection Vulnerability Plug-in.
12. Add Yonyou NC downTax/download Interface SQL Injection Vulnerability Plug-in.
13. Add Yonyou NC warningDetailInfo Interface SQL Injection Vulnerability Plug-in.
14. Add Yonyou NC linkVoucher Interface SQL Injection Vulnerability Plug-in.
15. Add WanHu OA text2Html Arbitrary File Read Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-06-07 21:35:51
Name: rsas-vulweb-V6.0R02F00.3405.dat Version:6.0.34.5
MD5:4379aa9b2961d781a0d6593658f3625b Size:992.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3404 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3404 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3405 .

The upgrade package includes the following updates:
1. Add REALOR GWT System SQL Injection Vulnerability Plug-in.
2. Add REALOR GWT System Remote Code Execution Vulnerability Plug-in.
3. Add Grafana Permission Bypass Vulnerability (CVE-2021-27358) Plug-in.
4. Add Gradio Unauthorized File Read Vulnerability (CVE-2024-1561) Plug-in.
5. Add Yonyou U8 CRM Customer Relationship Management System Arbitrary File Upload Vulnerability Plug-in.
6. Add EASFENET Document Security Management System Arbitrary File Read Vulnerability Plug-in.
7. Add Weaver OA E-Cology ResourceServlet Arbitrary File Read Vulnerability Plug-in.
8. Add Yonyou NC registerServlet JNDI Remote Code Execution Vulnerability Plug-in.
9. Add EASFENET Document Security Management System Arbitrary File Read Vulnerability Plug-in.
10. Add Dahua Intelligent IoT Comprehensive Management Platform FastJson Code Execution Vulnerability Plug-in.
11. Add Gradio Path Traversal Vulnerability (CVE-2024-1728) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-05-28 10:19:26
Name: rsas-vulweb-V6.0R02F00.3404.dat Version:6.0.34.4
MD5:3e38c91a164a71e1e283cb7518db999b Size:1.14M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3403 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3403 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3404 .

The upgrade package includes the following updates:
1. Add Target Site Detected to Have Tomcat docs Document Exposure Issue Plug-in.
2. Add Yonyou PaWfm2 Interface SQL Injection Vulnerability Plug-in.
3. Add Vertaai/modeldb Related Path Traversal Vulnerability (CVE-2023-6023) Plug-in.
4. Add Primeton EOS Platform eos.jmx Interface Deserialization Vulnerability Plug-in.
5. Add ZenTao zentaosid Authentication Bypass Vulnerability Plug-in.
6. Add MingSoft CMS list Interface SQL Injection Vulnerability Plug-in.
7. Add WordPress EventON Plugin Unauthorized Information Disclosure Vulnerability (CVE-2024-0235) Plug-in.
8. Add ReCrystallize Server Unbound Session Authentication Vulnerability (CVE-2024-26331) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-05-13 15:12:11
Name: rsas-vulweb-V6.0R02F00.3403.dat Version:6.0.34.3
MD5:11d698e2a514edefae13a9e15bdacfb2 Size:1.06M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3402 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3402 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3403 .

The upgrade package includes the following updates:
1. Add MLflow Path Traversal Vulnerability (CVE-2023-6909) Plug-in.
2. Add ConnectWise ScreenConnect Authentication Bypass Vulnerability (CVE-2024-1709) Plug-in.
3. Add GraphQL API Data Leak Vulnerability (CVE-2021-4191) Plug-in.
4. Add Tenda 11N Router Login Authentication Bypass Vulnerability (CVE-2022-42233) Plug-in.
5. Add Zabbix Authorization Bypass Vulnerability (CVE-2022-23134) Plug-in.
6. Add Dogtag PKI XML External Entity Injection Vulnerability (CVE-2022-2414) Plug-in.
7. Add WordPress W3 Total Cache Plugin Sensitive Information Disclosure Vulnerability (CVE-2019-6715) Plug-in.
8. Add MLflow Path Traversal Vulnerability (CVE-2023-1177) Plug-in.
9. Add MLflow Server File Overwrite Vulnerability (CVE-2023-6018) Plug-in.
10. Add MLflow Sensitive File Read Vulnerability (CVE-2023-6977) Plug-in.
11. Add Mlflow Local File Read Vulnerability (CVE-2023-2780) Plug-in.
12. Add MLflow Path Traversal Vulnerability (CVE-2023-2356) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-04-24 09:11:20
Name: rsas-vulweb-V6.0R02F00.3402.dat Version:6.0.34.2
MD5:c68b0aea8304d5fbe593cbc12e8fef06 Size:832.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3401 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3401 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3402 .

The upgrade package includes the following updates:
1. Add Palo Alto Networks PAN-OS Command Injection Vulnerability (CVE-2024-3400) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-04-18 09:27:15
Name: rsas-vulweb-V6.0R02F00.3401.dat Version:6.0.34.1
MD5:b4d61ea417070aa5822837d191388131 Size:1.10M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3400 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3400 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3401 .

The upgrade package add 23 plugins, including but not limited to:
1. Add InsydeH2O System Management Privilege Escalation Vulnerability (CVE-2020-2733) Plug-in.
2. Add openSIS Student Information Management System SQL Injection Vulnerability (CVE-2020-6637) Plug-in.
3. Add WSO2 API Manager XML External Entity Injection Vulnerability (CVE-2020-24589) Plug-in.
4. Add Seomatic Template Injection Vulnerability (CVE-2020-9757) Plug-in.
5. Add Ivanti Endpoint Manager Unauthenticated User Arbitrary Code Execution Vulnerability (CVE-2021-44529) Plug-in.
6. Add Gogs Repository File Upload Remote Code Execution Vulnerability (CVE-2022-0415) Plug-in.
7. Add WordPress Metform Plugin Improper Access Control Vulnerability (CVE-2022-1442) Plug-in.
8. Add ComfyUI Unauthorized File Read Vulnerability Plug-in.
9. Add Adobe ColdFusion Arbitrary File Read Vulnerability (CVE-2024-20767) Plug-in.
10. Add JEEWMS JDBC Deserialization Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-04-07 18:34:47
Name: rsas-vulweb-V6.0R02F00.3400.dat Version:6.0.34.0
MD5:e3e2f950c3a29c08542759cf4fd0575b Size:1.33M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.33* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3400 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.3301.dat to rsas-vulweb-V6.0R02F00.3306.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-04-01 17:31:10
Name: rsas-vulweb-V6.0R02F00.3306.dat Version:6.0.33.6
MD5:815111d57265c70b71175d5304bd8418 Size:897.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3305 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3305 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3306 .

The upgrade package includes the following updates:
1. Add HONGFAN iOffice ioDesktopData.asmx Interface SQL Injection Vulnerability Plug-in.
2. Add HJSOFT eHR Human Resources Management Software Arbitrary File Read Vulnerability Plug-in.
3. Add NextChat Server-Side Request Forgery and Cross-Site Scripting Vulnerabilities (CVE-2023-49785) Plug-in.
4. Add Yonyou NC saveDoc.ajax Arbitrary File Upload Vulnerability Plug-in.
5. Add WordPress WP Google Maps Plugin Improper Input Validation Vulnerability (CVE-2019-10692) Plug-in.
6. Add Gutenberg Template Library Unauthorized Sensitive Information Disclosure Vulnerability (CVE-2021-38314) Plug-in.
7. Add BackupBuddy Plugin Path Traversal Vulnerability (CVE-2022-31474) Plug-in.
8. Add Jira STAGIL Navigation Plugin Path Traversal Vulnerability (CVE-2023-26256) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-03-23 11:43:30
Name: rsas-vulweb-V6.0R02F00.3305.dat Version:6.0.33.5
MD5:0b7a5ecf66420cc9dc73e86643f7c06d Size:866.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3304 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3304 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3305 .

The upgrade package includes the following updates:
1. Add Aiohttp Path Traversal Vulnerability (CVE-2024-23334) Plug-in.
2. Add NocoDB Arbitrary File Access Vulnerability (CVE-2023-35843) Plug-in.
3. Add Bricks Remote Code Execution Vulnerability (CVE-2024-25600) Plug-in.
4. Add Landray EIS rpt_listreport_definefield.aspx SQL Injection Vulnerability Plug-in.
5. Add Yonyou U9 UMWebService.asmx Arbitrary File Read Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-03-11 18:32:34
Name: rsas-vulweb-V6.0R02F00.3304.dat Version:6.0.33.4
MD5:4e77deaba81e7bb11e62f219c0320693 Size:990.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3303 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3303 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3304 .

The upgrade package includes the following updates:
1. Add Foodbakery Plugin Cross-Site Scripting Vulnerability (CVE-2021-24389) Plug-in.
2. Add WordPress Plugin WOOF Cross-Site Scripting Vulnerability (CVE-2021-25085) Plug-in.
3. Add WordPress Plugin WOOCS Cross-Site Scripting Vulnerability (CVE-2022-0234) Plug-in.
4. Add mooSocial Cross-Site Scripting Vulnerability (CVE-2023-43325) Plug-in.
5. Add mooSocial Email Functionality Cross-Site Scripting Vulnerability (CVE-2023-43326) Plug-in.
6. Add mooSocial Cross-Site Scripting Vulnerability (CVE-2023-45542) Plug-in.
7. Add Hikvision Integrated Security Management Platform Arbitrary File Read Vulnerability Plug-in.
8. Add Gold and OA jc6 GetAttOut Interface SQL Injection Vulnerability Plug-in.
9. Add Legendsec SecGate3600 sys_hand_upfile Arbitrary File Upload Vulnerability Plug-in.
10. Add Huawei Auth-Http Server File Read Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-02-23 18:35:09
Name: rsas-vulweb-V6.0R02F00.3303.dat Version:6.0.33.3
MD5:76c9aadbca2213f6a1e28ef7b605a0d4 Size:979.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3302 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3302 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3303 .

The upgrade package includes the following updates:
1. Add Cross-Source Resource Sharing Insecure Configuration Vulnerability Plug-in.
2. Add Jenkins Unauthorized File Read Vulnerability (CVE-2024-23897) Plug-in.
3. Add Confluence Remote Code Execution Vulnerability (CVE-2023-22527) Plug-in.
4. Add Seeyon OA M3 Server Deserialization Remote Code Execution Vulnerability Plug-in.
5. Add WordPress Embed Swagger Plugin Cross-Site Scripting Vulnerability (CVE-2022-0381) Plug-in.
6. Add WordPress Pricing Tables Plugin Cross-Site Scripting Vulnerability (CVE-2022-1904) Plug-in.
7. Add WordPress Stock Ticker Plugin Cross-Site Scripting Vulnerability (CVE-2022-45365) Plug-in.
8. Add Spotweb SpotPage_login.php Cross-Site Scripting Vulnerability (CVE-2021-43725) Plug-in.
9. Add Verint Workforce Optimization Cross-Site Scripting Vulnerability (CVE-2021-36450) Plug-in.
10. Add Adobe ColdFusion Improper Access Control Vulnerability (CVE-2023-26347) Plug-in.
11. Add Adobe Connect Improper Access Control Vulnerability (CVE-2023-22232) Plug-in.
12. Add Apache OFBiz Path Traversal Vulnerability (CVE-2022-47501) Plug-in.
13. Add Appspace Server-Side Request Forgery Vulnerability (CVE-2021-27670) Plug-in.
14. Add Atmail Cross-Site Scripting Vulnerability (CVE-2021-43574) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-02-02 20:08:02
Name: rsas-vulweb-V6.0R02F00.3302.dat Version:6.0.33.2
MD5:7b75c547f1cbd4918a6bab86a5d7ade0 Size:1.04M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3301 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3301 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3302 .

The upgrade package includes the following updates:
1. Add Fastjson Deserialization Remote Code Execution Vulnerability (CVE-2022-25845) Plug-in.
2. Add Yonyou U8 Cloud SQL Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-01-20 20:47:54
Name: rsas-vulweb-V6.0R02F00.3301.dat Version:6.0.33.1
MD5:363c75db5d98b0e006e45d473c1e8b8c Size:1.06M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3300 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3300 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3301 .

The upgrade package add 41 plugins, including but not limited to:
1. Add BeyondTrust Remote Support Cross-Site Scripting Vulnerability (CVE-2021-31589) Plug-in.
2. Add erxes Cross-Site Scripting Vulnerability (CVE-2021-32853) Plug-in.
3. Add Thruk status.cgi Cross-Site Scripting Vulnerability (CVE-2021-35488) Plug-in.
4. Add OpenSIS-Classic Cross-Site Scripting Vulnerability (CVE-2021-40542) Plug-in.
5. Add Grafana AngularJS URL Validation Cross-Site Scripting Vulnerability (CVE-2021-41174) Plug-in.
6. Add WordPress Payments Plugin Registration Activation Code XSS Vulnerability (CVE-2021-24239) Plug-in.
7. Add Aryanic HighMail User Field Cross-Site Scripting (XSS) Vulnerability (CVE-2020-23517) Plug-in.
8. Add QuiXplorer Cross-Site Scripting Vulnerability (CVE-2020-24902) Plug-in.
9. Add Clansphere CMS Module Parameter Security Vulnerability (CVE-2021-27309) Plug-in.
10. Add Mautic Password Reset Page Cross-Site Scripting Vulnerability (CVE-2021-27909) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-01-07 22:27:39
Name: rsas-vulweb-V6.0R02F00.3300.dat Version:6.0.33.0
MD5:7d4e7c53973590d317542cd63750389f Size:1.60M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.32* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3300 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.3201.dat to rsas-vulweb-V6.0R02F00.3206.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2024-01-03 18:31:23
Name: rsas-vulweb-V6.0R02F00.3206.dat Version:6.0.32.6
MD5:42f057afb71d59774ed04f7ad692f813 Size:1015.6K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3205 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3205 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3206 .

The upgrade package includes the following updates:
1. Add Apache OFBiz Pre-Authorization Code Injection Vulnerability (CVE-2023-49070) Plug-in.
2. Add Seeyon OA wpsAssistServlet Arbitrary File Read Vulnerability Plug-in.
3. Add EASFENET Document Security Management System Remote Code Execution Vulnerability Plug-in.
4. Add EASFENET Document Security Management System dlUltrasec File Read Vulnerability Plug-in.
5. Add Monstra CMS Registry Cross-Site Scripting Vulnerability (CVE-2018-11473) Plug-in.
6. Add BIBLIOsoft BIBLIOpac Cross-Site Scripting Vulnerability (CVE-2018-16139) Plug-in.
7. Add WordPress JSmol2WP Plugin Cross-Site Scripting Vulnerability (CVE-2018-20462) Plug-in.
8. Add Apache HTTP Server mod_proxy Module Cross-Site Scripting Vulnerability (CVE-2019-10092) Plug-in.
9. Add CloudBees Jenkins Build-Metrics Cross-Site Scripting Vulnerability (CVE-2019-10475) Plug-in.
10. Add Carel pCOWeb Cross-Site Scripting Vulnerability (CVE-2019-11370) Plug-in.
11. Add phpMyAdmin Cross-Site Request Forgery Vulnerability (CVE-2019-12616) Plug-in.
12. Add SugarCRM Cross-Site Scripting Vulnerability (CVE-2019-14974) Plug-in.
13. Add CTHthemes Theme Cross-Site Scripting Vulnerability (CVE-2019-20210) Plug-in.
14. Add WordPress Sell Media Cross-Site Scripting Vulnerability (CVE-2019-6112) Plug-in.
15. Add Nortek Security and Control Linear eMerge E3-Series Cross-Site Scripting Vulnerability (CVE-2019-7255) Plug-in.
16. Add Bitrix24 Web Application Firewall Cross-Site Scripting Vulnerability (CVE-2020-13483) Plug-in.
17. Add WordPress Nova Lite Theme Cross-Site Scripting Vulnerability (CVE-2020-17362) Plug-in.
18. Add qdPM Database Configuration Cross-Site Scripting Vulnerability (CVE-2020-19515) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-12-24 16:53:26
Name: rsas-vulweb-V6.0R02F00.3205.dat Version:6.0.32.5
MD5:656b1b459e9b0cf3dd4ac790abb5a213 Size:1023.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3204 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3204 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3205 .

The upgrade package includes the following updates, a total of 61 scanning plugins were added, including but not limited to:
1. Add PostgreSQL Information Disclosure Vulnerability (CVE-2023-4714) Plug-in.
2. Add Viessmann Vitogate 300 Authentication Bypass Vulnerability (CVE-2023-45852) Plug-in.
3. Add WordPress Visual Form Builder Improper Access Control Vulnerability (CVE-2022-0140) Plug-in.
4. Add WordPress WP Accessibility Helper Cross-Site Scripting Vulnerability (CVE-2022-0150) Plug-in.
5. Add WordPress Page Builder KingComposer Improper Input Validation Vulnerability (CVE-2022-0165) Plug-in.
6. Add WordPress White Label CMS Plugin Cross-Site Scripting Vulnerability (CVE-2022-0422) Plug-in.
7. Add Mastodon Attribute Confusion Vulnerability (CVE-2022-0432) Plug-in.
8. Add WordPress Shareaholic Information Disclosure Vulnerability (CVE-2022-0594) Plug-in.
9. Add Packagist Microweber Input Validation Vulnerability (CVE-2022-0597) Plug-in.
10. Add WordPress Master Elements SQL Injection Vulnerability (CVE-2022-0693) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-12-08 20:19:46
Name: rsas-vulweb-V6.0R02F00.3204.dat Version:6.0.32.4
MD5:3ade8874cc67a67765729d1f74d993d3 Size:1.11M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3203 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3203 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3204 .

The upgrade package includes the following updates:
1. Add WordPress CMP-Coming Soon & Maintenance Plugin Information Disclosure Vulnerability (CVE-2023-1263) Plug-in.
2. Add imgproxy Cross-Site Scripting Vulnerability (CVE-2023-1496) Plug-in.
3. Add WordPress MStore API Plugin Authentication Bypass Vulnerability (CVE-2023-2732) Plug-in.
4. Add Weaver E-Office Arbitrary File Access Vulnerability (CVE-2023-2766) Plug-in.
5. Add Art Gallery Management System Reflective XSS Vulnerability (CVE-2023 23161) Plug-in.
6. Add WordPress Quick Event Manager Plugin Cross-Site Scripting Vulnerability (CVE-2023-23491) Plug-in.
7. Add Citrix ADC and Citrix Gateway Cross-Site Scripting Vulnerability (CVE-2023-24488) Plug-in.
8. Add Adobe ColdFusion Access Control Vulnerability (CVE-2023-29298) Plug-in.
9. Add OURPHP ourphp_tz.php Cross-Site Scripting Vulnerability (CVE-2023-30210) Plug-in.
10. Add Webkil QloApps Cross-Site Scripting Vulnerability (CVE-2023-30256) Plug-in.
11. Add Gibbon Local File Inclusion Vulnerability (CVE-2023-34598) Plug-in.
12. Add Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability (CVE-2023-35078) Plug-in.
13. Add Ivanti EPMM Authentication Bypass Vulnerability (CVE-2023-35082) Plug-in.
14. Add Webkul QloApps Cross-Site Scripting Vulnerability (CVE-2023-36287) Plug-in.
15. Add Adiscon LogAnalyzer Cross-Site Scripting Vulnerability (CVE-2023-36306) Plug-in.
16. Add POS Codekop Cross-Site Scripting Vulnerability (CVE-2023-36346) Plug-in.
17. Add Juniper Networks Junos OS EX J-Web Remote Command Execution Vulnerability (CVE-2023-36845) Plug-in.
18. Add CasaOS Improper Access Control Vulnerability (CVE-2023-37265) Plug-in.
19. Add Odoo Cross-Site Scripting Vulnerability (CVE-2023-1434) Plug-in.
20. Add Milespight Industrial Cellular Router Log Information Disclosure Vulnerability (CVC-2023-43261) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-11-25 15:09:32
Name: rsas-vulweb-V6.0R02F00.3203.dat Version:6.0.32.3
MD5:0266383e8158546db492cf70df1892a2 Size:853.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3202 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3202 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3203 .

The upgrade package includes the following updates:
1. Add Atlassian Confluence Data Center and Server Authorization Vulnerability (CVE-2023-22518) Plug-in.
2. Add ThinkPHP 5.0.24 Information Disclosure Vulnerability (CVE-2022-25481) Plug-in.
3. Add Microweber Cross-Site Scripting Vulnerability (CVE-2023-5244) Plug-in.
4. Add Nortek Control eMerge E3 Series Access Controller XSS Vulnerability (CVE-2022-46381) Plug-in.
5. Add MDaemon Security Gateway XML Injection Vulnerability (CVE-2022-25356) Plug-in.
6. Add TCExam Information Disclosure Vulnerability (CVE-2021-20114) Plug-in.
7. Add Advantech R-SeeNet ssh_form.php Cross-Site Scripting Vulnerability (CVE-2021-21800) Plug-in.
8. Add Advantech R-SeeNet Cross-Site Scripting Vulnerability (CVE-2021-21799) Plug-in.
9. Add Advantech R-SeeNet Cross-Site Scripting Vulnerability (CVE-2021-21801) Plug-in.
10. Add Advantech R-SeeNet Cross-Site Scripting Vulnerability (CVE-2021-21802) Plug-in.
11. Add Advantech R-SeeNet Cross-Site Scripting Vulnerability (CVE-2021-21803) Plug-in.
12. Add Advantech R-SeeNet Command Injection Vulnerability (CVE-2021-21805) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-11-10 19:05:39
Name: rsas-vulweb-V6.0R02F00.3202.dat Version:6.0.32.2
MD5:f5efd242e23c2a918298af234bee73b4 Size:996.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3201 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3201 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3202 .

The upgrade package includes the following updates:
1. Add IceWarp Mail Server Open Redirect Vulnerability (CVE-2021-36580) Plug-in.
2. Add IceWarp WebClient Remote Code Execution Vulnerability (CVE-2023-39598) Plug-in.
3. Add IceWarp Cross-Site Scripting Vulnerability (CVE-2023-39600) Plug-in.
4. Add Zyxel VMG1312-B10D Directory Traversal Vulnerability (CVE-2018-19326) Plug-in.
5. Add WordPress tidio-form Plugin Arbitrary Scripting Injection Vulnerability (CVE-2016-1000152) Plug-in.
6. Add WordPress page-layout-builder Plugin Cross-site Scripting Vulnerability (CVE-2016-1000141) Plug-in.
7. Add H3C ER Series Path Traversal Vulnerability (CVE-2023-5142) Plug-in.
8. Add Seeyon OA XML External Entity Injection Vulnerability Plug-in.
9. Add JeecgBoot JimuReport Template Injection Vulnerability (CVE-2023-4450) Plug-in.
10. Add Adminer SSRF Vulnerability (CVE-2021-21311) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-10-31 12:49:56
Name: rsas-vulweb-V6.0R02F00.3201.dat Version:6.0.32.1
MD5:5b33dbc7552af45b0c36c192aff85744 Size:847.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3200 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3200 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3201 .

The upgrade package includes the following updates:
1. Add DAS-SECURITY Operation and Maintenance Audit and Risk Control System SSRF Vulnerability Plug-in.
2. Add WAVLINK WN535 G3 Cross-Site Scripting Vulnerability (CVE-2022-30489) Plug-in.
3. Add Apache Superset Access Control Vulnerability (CVE-2023-27524) Plug-in.
4. Add Icinga Web 2 Unauthorized File Disclosure Vulnerability (CVE-2022-24716) Plug-in.
5. Add Grafana Permission Bypass Vulnerability (CVS 2021-39226) Plug-in.
6. Add Microsoft Exchange Server Code Injection Vulnerability (CVE-2021-31195) Plug-in.
7. Add ZyXEL ZyWAL Cross-Site Scripting Vulnerability (CVS 2021-46387) Plug-in.
8. Add PowerJob Unauthorized Access Vulnerability (CVE-2023-29922) Plug-in.
9. Add Lightdash Directory Traversal Vulnerability (CVE-2023-35844) Plug-in.
10. Add CRM Perks Form Cross-Site Scripting Vulnerability (CVE-2022-38467) Plug-in.
11. Add FUDForum Cross-Site Scripting Vulnerability (CVE-2021-27519) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-10-13 18:37:58
Name: rsas-vulweb-V6.0R02F00.3200.dat Version:6.0.32.0
MD5:cdde061bcd6786575ec8908dbbdcdc9b Size:1.16M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.31* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3200 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.3101.dat to rsas-vulweb-V6.0R02F00.3110.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-10-08 10:40:34
Name: rsas-vulweb-V6.0R02F00.3110.dat Version:6.0.31.10
MD5:a3d03f8905db77867d92af5fe93d0cfa Size:838.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3109 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3109 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3110 .

The upgrade package includes the following updates:
1. Add Roxy-WI Remote Injection Vulnerability (CVE-2022-31126) Plug-in.
2. Add Open edX Cross-Site Scripting (XSS) Vulnerability (CVE-2022-32195) Plug-in.
3. Add TerraMaster TOS Unauthorized Remote Command Execution Vulnerability (CVE-2022-24990) Plug-in.
4. Add Seeyon OA Password Modification Interface Unauthorized Access Vulnerability Plug-in.
5. Add JumpServer Information Disclosure Vulnerability Plug-in.
6. Add Yonyou GRP-U8 bx_historyDataCheck.jsp SQL Injection Vulnerability Plug-in.
7. Add PowerJob Permission Control Vulnerability (CVE-2023-29923) Plug-in.
8. Add Traggo Server Directory Traversal Vulnerability (CVE-2023-34843) Plug-in.
9. Add Patreon WordPress Plugin Information Disclosure Vulnerability (CVE-2021-24227) Plug-in.
10. Add nacos Permission Bypass Vulnerability (CVE-2021-29442) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-09-28 12:06:53
Name: rsas-vulweb-V6.0R02F00.3109.dat Version:6.0.31.9
MD5:dce3f3e5372a04c0fecfccee5697d747 Size:959.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3108 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3108 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3109 .

The upgrade package includes the following updates:
1. Add SourceMap Source Code File Disclosure Vulnerability Plug-in.
2. Add Jeecg-Boot Unauthorized SQL Injection Vulnerability (CVE-2023-1454) Plug-in.
3. Add Chanjet T+ Remote Command Execution Vulnerability Plug-in.
4. Add CNPOWER OA Arbitrary File Upload Vulnerability Plug-in.
5. Add CNPOWER OA Collaborative Office System Arbitrary File Read Vulnerability Plug-in.
6. Add DBSEC OA C6 Arbitrary File Read Vulnerability Plug-in.
7. Add Sangfor AD Report System Arbitrary File Read Vulnerability Plug-in.
8. Add Sangfor AD Management System Unauthorized Access Vulnerability Plug-in.
9. Add Shikong Zhiyou Enterprise Process Control System Login File Read Vulnerability Plug-in.
10. Add LiveBOS ShowImage.do Arbitrary File Read Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-09-15 16:16:54
Name: rsas-vulweb-V6.0R02F00.3108.dat Version:6.0.31.8
MD5:3ff23bf01f0856fb90f0631754835042 Size:861.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3107 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3107 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3108 .

The upgrade package includes the following updates:
1. Add Blue Sea Zhuo Yue Billing Management System Debug RCE Vulnerability Plug-in.
2. Add Landray EKP Unauthorized Access Vulnerability Plug-in.
3. Add TOTOLINK LR350 Command Injection Vulnerability (CVE-2023-37148) Plug-in.
4. Add CTI Monitoring and Warning System Database Disclosure Vulnerability Plug-in.
5. Add CTI Monitoring and Warning System FileDownLoad Arbitrary File Read Vulnerability Plug-in.
6. Add EASFENET importFileType Arbitrary File Upload Vulnerability Plug-in.
7. Add CNPOWER OA 8000 workFlowService SQL Injection Vulnerability Plug-in.
8. Add NewCapec Smart Campus System freemaker Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-09-02 16:44:23
Name: rsas-vulweb-V6.0R02F00.3107.dat Version:6.0.31.7
MD5:262a09954c6f08e432f8c57ccba607c4 Size:809.2K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3106 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3106 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3107 .

The upgrade package includes the following updates:
1. Add Zhiyuan OA 8 Front Office XXE Vulnerability Plug-in.
2. Add Kingdee Cloud Starry Sky Arbitrary File Reading Vulnerability Plug-in.
3. Add Ruijie NBR Router Arbitrary File Upload Vulnerability Plug-in.
4. Add Dahua Smart Park User Password Disclosure Vulnerability Plug-in.
5. Add Dahua Smart Park Comprehensive Management Platform searchJson SQL Injection Vulnerability Plug-in.
6. Add Qiming Star 4A Unified Security Control Platform Information Leakage Plug-in.
7. Add Jinhe OA C6 GetSqlData.aspx SQL Injection Vulnerability Plug-in.
8. Add Feiqi Internet FE Business Collaboration Platform ShowImageServlet File Reading Vulnerability Plug-in.
9. Add Ruijie Switch WEB Management System EXCU_ SHELL Information Disclosure Vulnerability Plug-in.
10. Add seeyon NC wsncapplet.jsp Information Disclosure Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-08-23 16:46:16
Name: rsas-vulweb-V6.0R02F00.3106.dat Version:6.0.31.6
MD5:bc7c5708e92036540931dfab273d0947 Size:839.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3105 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3105 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3106 .

The upgrade package includes the following updates:
1. Add Tianqing Terminal Security Management System Log Leakage Vulnerability Plug-in.
2. Add Remote Command Execution Vulnerability in Zhiyuan OA M1Server Plug-in.
3. Add WeCRM SQL injection vulnerability Plug-in.
4. Add Wantit ERP remote command execution vulnerability. Plug-in.
5. Add . Plug-in.
6. Add Stakater Forecastle Path Traversal Vulnerability (CVE-2023-402) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-08-18 15:50:02
Name: rsas-vulweb-V6.0R02F00.3105.dat Version:6.0.31.5
MD5:18765325fc5f798fe59862cb82446b35 Size:885.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3104 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3104 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3105 .

The upgrade package includes the following updates:
1. Add Glodon OA Collaborative Office System Frontend SQL Injection Vulnerability Plug-in.
2. Add WeChat Management Platform Unauthorized Access Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-08-18 10:25:29
Name: rsas-vulweb-V6.0R02F00.3104.dat Version:6.0.31.4
MD5:8d587356abfe442d40b515c32b29f20d Size:812.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3103 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3103 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3104 .

The upgrade package includes the following updates:
1. Add Dahua Smart Park Integrated Management Platform File Upload Vulnerability. Plug-in.
2. Add MLflow Path Traversal Vulnerability (CVE-2023-3765) Plug-in.
3. Add Mingyu Security Gateway Remote Command Execution(CNVD-2023-03898). Plug-in.
4. Add Yonyou Mobile Management System Arbitrary File Upload Vulnerability Plug-in.
5. Add Hikvision Integrated Security Management Platform env Information Leakage Vulnerability Plug-in.
6. Add Hikvision Integrated Security Management Platform Report Arbitrary File Upload Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-08-12 19:01:29
Name: rsas-vulweb-V6.0R02F00.3103.dat Version:6.0.31.3
MD5:e9a7f2ce95155203ac86841b7338b9b1 Size:825.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3102 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3102 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3103 .

The upgrade package includes the following updates:
1. Add Metabase Remote Command Execution Vulnerability (CVE-2023-38646) Plug-in.
2. Add H3C SSL VPN Cross-Site Scripting Vulnerability (CVE-2022-35416) Plug-in.
3. Add Kingdee ERP Remote Code Execution Vulnerability Plug-in.
4. Add Yonyou FE Collaborative Office Platform Directory Traversal Vulnerability. Plug-in.
5. Add Hjsoft eHR Arbitrary File Upload Vulnerability Plug-in.
6. Add Weaver E-Office Arbitrary File Upload Vulnerability (CVE-2023-2523) Plug-in.
7. Add Weaver Arbitrary File Upload Vulnerability (CVE-2023-2648) Plug-in.
8. Add H3C Multiple Series Products Remote Command Execution Vulnerability Plug-in.
9. Add Yonghong BI Report Foreground Arbitrary File Reading Plug-in.
10. Add Sangfor Application Delivery Management System login remote command execution vulnerability. Plug-in.
11. Add HiKVISION iSecure Center arbitrary file upload vulnerability. Plug-in.
12. Add Hand SRM login bypass vulnerability Plug-in.
13. Add SecSSL 3600 Security Access Gateway System Unauthorized Access Vulnerability Plug-in.
14. Add SecGate 3600 firewall obj_app_upfile arbitrary file upload vulnerability Plug-in.
15. Add Nacos has weak password Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-08-11 13:28:14
Name: rsas-vulweb-V6.0R02F00.3102.dat Version:6.0.31.2
MD5:320273040bcf27b6110cfe147e7495bc Size:805.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3101 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3101 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3102 .

The upgrade package includes the following updates:
1. Add Grafana Credential Disclosure Vulnerability (CVE-2022-26148) Plug-in.
2. Add Smartbi Built-in User Login Bypass Vulnerability Plug-in.
3. Add PbootCMS Code Injection Vulnerability (CVE-2022-32417) Plug-in.
4. Add Dynamicweb Remote Command Execution Vulnerability (CVE-2022-25369) Plug-in.
5. Add VoIPmonitor SQL Injection Vulnerability (CVE-2022-24260) Plug-in.
6. Add WAVLINK System Command Injection Vulnerability (CVE-2022-2486) Plug-in.
7. Add WordPress Mailpress Plugin Remote Code Execution Vulnerability Plug-in.
8. Add Zoho ManageEngine ADSelfService Plus XSS Injection Vulnerability (CVE-2022-24681) Plug-in.
9. Add i3Geo Local File Inclusion Vulnerability (CVE-2022-32409) Plug-in.
10. Add Keycloak XSS Vulnerability (CVE-2021-20323) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-07-28 18:58:30
Name: rsas-vulweb-V6.0R02F00.3101.dat Version:6.0.31.1
MD5:d5e190890c040028333d961280a0b004 Size:813.6K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3100 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3100 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3101 .

The upgrade package includes the following updates:
1. Add NETGEAR ProSafe SSL VPN Firmware FVS336G SQL Injection Vulnerability (CVE-2022-29383) Plug-in.
2. Add Oracle E-Business Suite Unauthorized File Upload Vulnerability (CVS 2022-21587) Plug-in.
3. Add Weaver OA E-Office 10 File Read Vulnerability Plug-in.
4. Add Weaver OA E-Office webservice File Read Vulnerability Plug-in.
5. Add Zhejiang Uniview Network Video Recorder Remote Command Execution Vulnerability Plug-in.
6. Add PowerCreator CMS Arbitrary File Upload Vulnerability Plug-in.
7. Add WordPress Page View Count Plugin SQL Injection vulnerability (CVE-2022-0434) Plug-in.
8. Add Contec SolarView Compact Command Injection Vulnerability (CVE-2023-23333) Plug-in.
9. Add WAVLINK System Command Injection Vulnerability (CVE-2022-2488) Plug-in.
10. Add Zyxel USG Unauthorized Access Vulnerability (CVE-2022-0342) Plug-in.
11. Add Seeyon OA wpsAssistServlet Arbitrary File Upload Vulnerability Plug-in.
12. Add Weaver E-cology Frontend SQL Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-07-15 10:49:55
Name: rsas-vulweb-V6.0R02F00.3100.dat Version:6.0.31.0
MD5:3bb3b28fb81dbb7728257363b6759efa Size:1.91M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.30* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3100 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.3001.dat to rsas-vulweb-V6.0R02F00.3007.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-07-06 10:37:02
Name: rsas-vulweb-V6.0R02F00.3007.dat Version:6.0.30.7
MD5:2768422724fdb190702853e474f35dcb Size:805.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3006 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3006 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3007 .

The upgrade package includes the following updates:
1. Add AVEVA InTouch Access Anywhere Local File Inclusion (CVE-2022-23854) Plug-in.
2. Add ZK Framework Information Disclosure Vulnerability (CVE-2022-36537) Plug-in.
3. Add WRTeam eShop Cross-Site Scripting Vulnerability (CVE-2022-35493) Plug-in.
4. Add ZOHO ManageEngine Password Manager Pro Security Vulnerability (CVE-2022-35405) Plug-in.
5. Add kkFileView Cross-Site Scripting Vulnerability (CVE-2022-35151) Plug-in.
6. Add WAVLINK WN530HG4 Information Disclosure Vulnerability (CVE-2022-34047) Plug-in.
7. Add WAVLINK WN533A8 Information Disclosure Vulnerability (CVE-2022-34046) Plug-in.
8. Add WWBN AVideo Cross-Site Scripting Vulnerability (CVE-2022-32772) Plug-in.
9. Add WWBN AVideo Cross-Site Scripting Vulnerability (CVE-2022-32771) Plug-in.
10. Add WWBN AVideo Cross-Site Scripting Vulnerability (CVE-2022-32770) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-06-30 20:29:27
Name: rsas-vulweb-V6.0R02F00.3006.dat Version:6.0.30.6
MD5:9966b970eafa9cb72815dcfb4fe3237f Size:1.24M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3005 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3005 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3006 .

The upgrade package includes the following updates:
1. Add Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315) Plug-in.
2. Add Repetier Server Path Traversal Vulnerability (CVE-2023-31059) Plug-in.
3. Add Securepoint Unified Threat Management Security Vulnerability (CVS 2023-22897) Plug-in.
4. Add ReQlogic Cross-Site Scripting Vulnerability (CVE-2022-41441) Plug-in.
5. Add kkFileView Cross-Site Scripting Vulnerability (CVE-2022-40879) Plug-in.
6. Add L-Soft LISTSERV Cross-Site Scripting Vulnerability (CVE-2022-39195) Plug-in.
7. Add Academy Learning Management System Cross-Site Scripting Vulnerability (CVE-2022-38553) Plug-in.
8. Add ServiceNow San Diego Patch Cross-Site Scripting Vulnerability (CVS 2022-38463) Plug-in.
9. Add Jenkins Git Plugin Security Vulnerability (CVE-2022-36883) Plug-in.
10. Add Atlassian Bitbucket Server Command Injection Vulnerability (CVE-2022-36804) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-06-09 22:25:49
Name: rsas-vulweb-V6.0R02F00.3005.dat Version:6.0.30.5
MD5:a43a1f4c190c69b25c0dce8a1280ebb3 Size:1.09M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3004 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3004 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3005 .

The upgrade package includes the following updates:
1. Add Oracle JavaServer Faces Directory Traversal Vulnerability (CVE-2013-3827) Plug-in.
2. Add HJSOFT Human Resources Management System SQL Injection Vulnerability (CNVD-2023-08743) Plug-in.
3. Add kkFileView Server-Side Request Forgery Vulnerability (CVE-2022-43140) Plug-in.
4. Add FUDForum Cross-Site Scripting Vulnerability (CVE-2021-27520) Plug-in.
5. Add Ghost Path Traversal Vulnerability (CVE-2023-32235) Plug-in.
6. Add OURPHP Cross-Site Scripting Vulnerability (CVE-2023-30212) Plug-in.
7. Add Cpanel Cross-Site Scripting Vulnerability (CVE-2023-29489) Plug-in.
8. Add ATutor Cross-Site Scripting Vulnerability (CVE-2023-27008) Plug-in.
9. Add Gimmie vBulletin Remote Code Execution Vulnerability (CVE-2023-25135) Plug-in.
10. Add ThinkPHP File Inclusion Vulnerability (CVE-2022-47945) Plug-in.
11. Add Masa CMS Authentication Bypass Vulnerability (CVE-2022-47002) Plug-in.
12. Add kkFileView Cross-Site Scripting Vulnerability (CVE-2022-46934) Plug-in.
13. Add Default Password in MinIO Plug-in.
14. Add Weak Password in MinIO Plug-in.
15. Add Unauthorized Access in SRS Console Plug-in.
16. Add Weaver OA ofsLogin.jsp information leakage and front-end arbitrary user login vulnerability Plug-in.
17. Add Yonyou NC Deserialization Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-05-30 16:54:38
Name: rsas-vulweb-V6.0R02F00.3004.dat Version:6.0.30.4
MD5:4f0f8d6fb7c287f17633f8cbf4837f03 Size:851.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3003 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3003 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3004 .

The upgrade package includes the following updates:
1. Add GitLab CE/EE Hardcoded Credentials (CVE-2022-1162) Plug-in.
2. Add GitLab CE/EE Remote Code Execution Vulnerability (CVE-2022-2185) Plug-in.
3. Add HashiCorp Consul/Consul Enterprise Server-side Request Forgery Vulnerability (CVE-2022-29153) Plug-in.
4. Add KkFileView 4.0.0 XSS Vulnerability (CVE-2022-29349) Plug-in.
5. Add Microweber before 1.2.11 XSS Vulnerability (CVE-2022-0678) Plug-in.
6. Add QNAP QTS Local File Inclusion Vulnerability (CVE-2022-27593) Plug-in.
7. Add Sophos Firewall through 18.5 MR3 Remote Code Execution Vulnerability (CVE-2022-1040) Plug-in.
8. Add WordPress Directorist before 7.3.1 Information Disclosure Vulnerability (CVE-2022-2376) Plug-in.
9. Add WordPress Country Selector before 1.6.6 XSS Vulnerability (CVE-2022-28290) Plug-in.
10. Add Weaver Ecology OA SQL Injection Vulnerability Plug-in.
11. Add xmlrpc Interface Java Deserialization Command Execution Vulnerability Detected in Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-05-12 15:56:39
Name: rsas-vulweb-V6.0R02F00.3003.dat Version:6.0.30.3
MD5:abf4f22dac2be79af6b4a8e7f8e3ca01 Size:953.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3002 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3002 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3003 .

The upgrade package includes the following updates:
1. Add REALOR GWT System SQL Injection Vulnerability Plug-in.
2. Add REALOR GWT System Remote Code Execution Vulnerability Plug-in.
3. Add Pie Register before 3.8.2.3 Open Redirection Vulnerability (CVS 2023-0552) Plug-in.
4. Add Squidex before 7.4.0 XSS Vulnerability (CVS 2023-24278) Plug-in.
5. Add mojoPortal 2.7.0.0 XSS Vulnerability (CVS 2023-24322) Plug-in.
6. Add Microweber Sensitive Information Disclosure Vulnerability (CVE-2022-0281) Plug-in.
7. Add XSS Vulnerability in LearnPress before 4.1.6 (CVE-2022-0271) Plug-in.
8. Add XSS Vulnerability in Microweber (CVE-2022-0378) Plug-in.
9. Add GitLab CE/EE Runner Registration Token Disclosure (CVE-2022-0735) Plug-in.
10. Add uDraw before 3.3.3 Local File Inclusion Vulnerability (CVE-2022-0656) Plug-in.
11. Add Microweber before 1.2.15 XSS Vulnerability (CVE-2022-1439) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-04-23 09:17:55
Name: rsas-vulweb-V6.0R02F00.3002.dat Version:6.0.30.2
MD5:f13bd90cab33ab1d8b42fbaf34f1e4cb Size:661.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3001 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3001 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3002 .

The upgrade package includes the following updates:
1. Add Oracle WebLogic Server Remote Code Execution Vulnerability (CVE-2023-21931) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-04-19 21:05:58
Name: rsas-vulweb-V6.0R02F00.3001.dat Version:6.0.30.1
MD5:0ff9f9c7dddb98188b96ad53dfcf0b97 Size:766.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3000 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3000 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3001 .

The upgrade package includes the following updates:
1. Add phpIPAM IP Address Management v1.6 XSS Vulnerability (CVE-2023-24657) Plug-in.
2. Add PMB v7.4.6 Reflective XSS (CVE-2023-24733) Plug-in.
3. Add PMB v7.4.6 Open Redirect Vulnerability (CVE-2023-24735) Plug-in.
4. Add PMB v7.4.6 XSS Vulnerability (CVE-2023-24737) Plug-in.
5. Add T24 Web Server Local File Inclusion Vulnerability (CVE-2019-14251) Plug-in.
6. Add Temenos T24 R20 XSS Vulnerability (CVE-2023-24367) Plug-in.
7. Add WordPress Tutor LMS before 2.0.10 XSS Vulnerability (CVE-2023-0236) Plug-in.
8. Add WordPress WP TripAdvisor Review Slider before 10.8 SQL Injection Vulnerability (CVE-2023-0261) Plug-in.
9. Add WordPress Easy Digital Downloads 3.1.0.2/3.1.0.3 SQL Injection Vulnerability (CVE-2023-23489) Plug-in.
10. Add PMB Services Directory Traversal Vulnerability Plug-in.
11. Add WordPress Paid Memberships Pro before 2.9. 8 SQL Injection Vulnerability (CVE-2023-23488) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-04-07 22:19:12
Name: rsas-vulweb-V6.0R02F00.3000.dat Version:6.0.30.0
MD5:3d8405c9dbd5e10bfc3d72b676960938 Size:2.07M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.29* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3000 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.2901.dat to rsas-vulweb-V6.0R02F00.2906.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-03-31 19:12:37
Name: rsas-vulweb-V6.0R02F00.2906.dat Version:6.0.29.6
MD5:92672816dee486935712096fee0b3199 Size:1.72M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2905 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2905 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2906 .

The upgrade package includes the following updates:
1. Add WordPress Information Disclosure Vulnerability (CVE-2017-5487) Plug-in.
2. Add Ueditor server request forgery (SSRF) vulnerability Plug-in.
3. Add Odoo has an unauthorized access vulnerability Plug-in.
4. Add Odoo path traversal vulnerability (CVE-2019-14322) Plug-in.
5. Add E-cology9 browser.jspSQL Injects vulnerability Plug-in.
6. Add Qioa msglog.aspx SQL Injection vulnerability Plug-in.
7. Add ODOO path traverse vulnerability (CVE-2017-9416) Plug-in.
8. Add MinIO Unauthorized Information Disclosure (CVE-2023-28432) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-03-29 09:06:00
Name: rsas-vulweb-V6.0R02F00.2905.dat Version:6.0.29.5
MD5:6ae258eb5cd892da49d0561a4fc813b3 Size:1.03M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2904 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2904 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2905 .

The upgrade package includes the following updates:
1. Add ShowDoc Default Password Vulnerability Plug-in.
2. Add ShowDoc Arbitrary File Upload Vulnerability (CNVD-2020-26585) Plug-in.
3. Add Weak Password in ShowDoc Plug-in.
4. Add Fortinet FortiNAC Remote Code Execution Vulnerability (CVE-2022-39952) Plug-in.
5. Add Control Web Panel Login Remote Command Execution Vulnerability (CVE-2022-44877) Plug-in.
6. Add Joomla Unauthorized Access Vulnerability (CVE-2023-23752) Plug-in.
7. Add Apache Kafka Connect Remote Code Execution Vulnerability (CVE-2023-25194) Plug-in.
8. Add Plesk Obsidian Host Header Injection Vulnerability (CVE-2023-24044) Plug-in.
9. Add Shiziyu CMS ApiController.class.php SQL Injection Vulnerability Plug-in.
10. Add Shiziyu CMS ApigoodController.class.php SQL Injection Vulnerability Plug-in.
11. Add Default Password Used in Shiziyu CMS Plug-in.
12. Add Weak Password Used in Shiziyu CMS Plug-in.
13. Add Shiziyu CMS image_upload.php Arbitrary File Upload Vulnerability Plug-in.
14. Add Shiziyu CMS wxapp.php Arbitrary File Upload Vulnerability Plug-in.
15. Add IBM Aspera Faspex Unauthorized RCE (CVE-2022-47986) Plug-in.
16. Add GeoServer Jiffle Remote Code Execution Vulnerability (CVE-2022-24816) Plug-in.
17. Add FortiWeb Remote Code Execution Vulnerability (CVE-2021-42756) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-03-10 09:08:04
Name: rsas-vulweb-V6.0R02F00.2904.dat Version:6.0.29.4
MD5:438252339d60509e3d21df91f4a43c50 Size:765.2K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2903 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2903 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2904 .

The upgrade package includes the following updates:
1. Add RabbitMQ Default Password Vulnerability Plug-in.
2. Add Detection of Weak Passwords in RabbitMQ Plug-in.
3. Add SolarWinds Remote Code Execution Vulnerability (CVE-2020-10148) Plug-in.
4. Add Atlassian JIRA Information Disclosure Vulnerability (CVE-2019-3401) Plug-in.
5. Add SQL Injection Vulnerability Detected in rConfig v3.9.4 (CVE-2020-10546) Plug-in.
6. Add SQL Injection Vulnerability Detected in rConfig v3.9.4 (CVE-2020-10547) Plug-in.
7. Add SQL Injection Vulnerability Detected in rConfig v3.9.4 (CVE-2020-10548) Plug-in.
8. Add Oracle E-Business Suite File Read Vulnerability Plug-in.
9. Add Oracle E-Business Suite Sensitive Information Disclosure Vulnerability (CVE-2022-21500) Plug-in.
10. Add Oracle E-Business Suite Sensitive Information Disclosure Vulnerability Plug-in.
11. Add Golang pprof Information Disclosure Vulnerability Plug-in.
12. Add Apache Log4j Server Deserialization Command Execution Vulnerability (CVE-2017-5645) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-02-17 18:50:00
Name: rsas-vulweb-V6.0R02F00.2903.dat Version:6.0.29.3
MD5:7f1ddb771681963a80602f5fde0e5542 Size:770.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2902 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2902 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2903 .

The upgrade package includes the following updates:
1. Add Atlassian Jira Authentication Bypass Vulnerability (CVE-2022-0540) Plug-in.
2. Add Cerebro Request SSRF Vulnerability Plug-in.
3. Add Atlassian Questions For Confluence Authentication Bypass Vulnerability (CVE-2022-26138) Plug-in.
4. Add Gitblit Path Traversal Vulnerability (CVE-2022-31268) Plug-in.
5. Add phpMyAdmin Arbitrary File Read Vulnerability (CVE-2019-6799) Plug-in.
6. Add 3COM NJ20003com Default Password Vulnerability Plug-in.
7. Add docker-kong Security Vulnerability (CVE-2020-11710) Plug-in.
8. Add Oracle WebLogic Server Remote Code Execution Vulnerability (CVE-2023-21839) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-02-03 18:11:06
Name: rsas-vulweb-V6.0R02F00.2902.dat Version:6.0.29.2
MD5:0f8f6f2be4cacd4cb53e2079f4dad486 Size:668.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2901 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2901 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2902 .

The upgrade package includes the following updates:
1. Add ZenTao Project Management System Permission Bypass and Command Execution Vulnerabilities Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-01-13 20:46:52
Name: rsas-vulweb-V6.0R02F00.2901.dat Version:6.0.29.1
MD5:14149f751981642d329d9fd36ad0fe19 Size:789.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2900 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2900 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2901 .

The upgrade package includes the following updates:
1. Add Multiple NETGEAR Routers Administrator Password Information Disclosure Vulnerability (CVE-2017-5521) Plug-in.
2. Add HJSOFT e-HR Human Resource Management System File Upload Vulnerability Plug-in.
3. Add D-Link DIR816L Unauthorized Access Vulnerability (CVE-2022-28955) Plug-in.
4. Add Laravel FileManager Path Traversal Vulnerability (CVE-2022-40734) Plug-in.
5. Add Weaver OA E-Weaver SignatureDownLoad Arbitrary File Read Vulnerability Plug-in.
6. Add Omnia MPX Sensitive Information Disclosure Vulnerability (CVE-2022-36642) Plug-in.
7. Add Whir ezoffice TeleConferenceService XXE Injection Vulnerability Plug-in.
8. Add Whir OA DocumentEdit.jsp SQL Injection Vulnerability Plug-in.
9. Add Whir ezoffice download_ftp Arbitrary File Download Vulnerability Plug-in.
10. Add Zimbra MailboxImportServlet Authentication Bypass Vulnerability (CVE-2022-37042) Plug-in.
11. Add Dbappsecurity Web Application Firewall (WAF) Arbitrary User Login Plug-in.
12. Add Weaver OA Unauthorized Arbitrary User Login Vulnerability Plug-in.
13. Add VMware Workspace ONE Access Authentication Vulnerability (CVE-2022-31656) Plug-in.
14. Add Weaver E-Mobile messageType.do SQL Injection Vulnerability Plug-in.
15. Add Chinaiwb Firewall login.php SQL Injection Vulnerability Plug-in.
16. Add Chinaiwb Firewall setdomain.php Out-of-Bounds Access Vulnerability Plug-in.
17. Add Weaver E-mobile client.do Remote Code Execution Vulnerability Plug-in.
18. Add Zyxel Firewall Remote Command Injection Vulnerability (CVE-2022-30525) Plug-in.
19. Add Kkfileview Document Online Preview System Arbitrary File Read Vulnerability Plug-in.
20. Add Kkfileview Document Online Preview System SSRF Vulnerability Plug-in.
21. Add VMware Workspace ONE Access Template Injection Vulnerability (CVE-2022-22954) Plug-in.
22. Add BSPHP Network Authentication System Unauthorized Access Vulnerability Plug-in.
23. Add Hysine Webtalk System Ping.php Command Execution Vulnerability Plug-in.
24. Add Shenzhen Launch Video Surveillance System Unauthorized Access Vulnerability Plug-in.
25. Add AnyMacro Email System File Inclusion Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2023-01-07 18:26:22
Name: rsas-vulweb-V6.0R02F00.2900.dat Version:6.0.29.0
MD5:2264dc5b0a1d037ab129d8d8f2438f84 Size:1.36M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.28* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2900 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.2801.dat to rsas-vulweb-V6.0R02F00.2806.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-12-30 20:55:56
Name: rsas-vulweb-V6.0R02F00.2806.dat Version:6.0.28.6
MD5:ffaeffba24a1ec13edef15ac5f3fb22e Size:862.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2805 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2805 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2806 .

The upgrade package includes the following updates:
1. Add Thinkphp Multilingual Remote Code Execution Vulnerability Plug-in.
2. Add Windor Wisdom Anxiaoyi Integrative Management Platform FileDownLoad.aspx Arbitrary File Read Vulnerability Plug-in.
3. Add Pentaho Business Analytics Authentication Vulnerability (CVE-2021-31602) Plug-in.
4. Add Axis2 System HappyAxis.jsp Sensitive Information Disclosure Vulnerability Plug-in.
5. Add Axis2 Service File Read Vulnerability Plug-in.
6. Add Facemeeting Cloud Video Conferencing System Struts2 Remote Command Execution Vulnerability Plug-in.
7. Add Login Bypass Vulnerability Detected in Kemai RAS Server Plug-in.
8. Add Casdoor SQL Injection Vulnerability (CVE-2022-24124) Plug-in.
9. Add Casdoor Sensitive Information Disclosure Vulnerability Plug-in.
10. Add GLPI ihtmLawedTest.php Remote Command Execution Vulnerability (CVE-2022-35914) Plug-in.
11. Add GLPI Information Disclosure Vulnerability (CVE-2021-39211) Plug-in.
12. Add GLPI Path Traversal Vulnerability (CVE-2021-43778) Plug-in.
13. Add Weaver OA E-Office UserSelect Unauthorized Access Vulnerability Plug-in.
14. Add Weaver OA E-Office Arbitrary File Read Vulnerability Plug-in.
15. Add Cacti Command Injection Vulnerability (CVE-2022-46169) Plug-in.
16. Add Default Passwords Detected in Cacti Plug-in.
17. Add Weak Passwords Detected in Cacti Plug-in.
18. Add WAPPLES Web Application Firewall Hardcoded Credentials Vulnerability (CVE-2022-35413) Plug-in.
19. Add nps Security Bypass Vulnerability Plug-in.
20. Add pgadmin validate_binary_path Remote Command Execution Vulnerability (CVE-2022-4223) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-12-17 13:59:46
Name: rsas-vulweb-V6.0R02F00.2805.dat Version:6.0.28.5
MD5:ee8a2ddff8508038db1e1e2f5377feb6 Size:750.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2804 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2804 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2805 .

The upgrade package includes the following updates:
1. Add Next.js Path Traversal Vulnerability (CVE-2020-5284) Plug-in.
2. Add YApi Remote Command Execution Vulnerability Plug-in.
3. Add NoSQL Injection Vulnerability Detected in Yapi Plug-in.
4. Add MotionEye Information Disclosure Vulnerability (CVE-2022-25568) Plug-in.
5. Add Default Passwords Detected in rConfig Plug-in.
6. Add Weak Passwords Detected in rConfig Plug-in.
7. Add SQL injection vulnerability Detected in rConfig v3.9.4 (CVE-2020-10220) Plug-in.
8. Add Roxy-WI System Command Injection Vulnerability (CVE-2022-31137) Plug-in.
9. Add Fortinet Authentication Bypass Vulnerability (CVE-2022-40684) Plug-in.
10. Add rConfig v3.9.2 Unauthorized Remote Code Execution Vulnerability (CVE-2019-16662) Plug-in.
11. Add rConfig v3.9.2 Backend Remote Code Execution Vulnerability (CVE-2019-16663) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-12-03 10:11:00
Name: rsas-vulweb-V6.0R02F00.2804.dat Version:6.0.28.4
MD5:40535196322e318ae214e389a3de2522 Size:951.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2803 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2803 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2804 .

The upgrade package includes the following updates:
1. Add Directory Traversal Vulnerability Detected in the Target Server Plug-in.
2. Add Spring Boot Actuator Logview Path Traversal Vulnerability (CVE-2021-21234) Plug-in.
3. Add MkDocs Path Traversal Vulnerability (CVE-2021-40978) Plug-in.
4. Add Teledyne FLIR AX8 Path Traversal Vulnerability (CVE-2022-37060) Plug-in.
5. Add Liftoff GateOne Path Traversal Vulnerability (CVE-2020-35736) Plug-in.
6. Add Dahua DSS Arbitrary File Download Vulnerability (CNVD-2020-61986) Plug-in.
7. Add Blue Sea Zhuo Yue Billing Management System Arbitrary File Download Vulnerability (CNVD-2021-21602) Plug-in.
8. Add JeeWMS Unauthorized Arbitrary File Read Vulnerability (CNVD-2020-61972) Plug-in.
9. Add Next.js Path Traversal Vulnerability (CVE-2017-16877) Plug-in.
10. Add Pulse Secure Path Traversal Vulnerability (CVE-2019-11510) Plug-in.
11. Add Huawei HG659 Arbitrary File Read Vulnerability (CNVD-2021-45398) Plug-in.
12. Add GoCD Arbitrary File Read Vulnerability (CVE-2021-43287) Plug-in.
13. Add HexMeet fileDownload Arbitrary File Read Vulnerability Plug-in.
14. Add Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2022-41082) Plug-in.
15. Add ACTi Web Configurator Arbitrary File Read Vulnerability (CNVD-2021-37981) Plug-in.
16. Add Microsoft Exchange Server Server-Side Request Forgery Vulnerability (CVE-2022-41040) Plug-in.
17. Add Alibaba AnyProxy Arbitrary File Read Vulnerability Plug-in.
18. Add KEDACOM MTS Transcoding Server Arbitrary File Read Vulnerability (CNVD-2020-48650) Plug-in.
19. Add WiseGiga NAS Arbitrary File Read Vulnerability (CNVD-2020-51406) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-11-18 22:02:45
Name: rsas-vulweb-V6.0R02F00.2803.dat Version:6.0.28.3
MD5:f8f3ac1524bd2a26c8e88a8f82ff4916 Size:738.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2802 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2802 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2803 .

The upgrade package includes the following updates:
1. Add GeoServer SSRF Vulnerability (CVE-2021-40822) Plug-in.
2. Add ZOHO ManageEngine Desktop Central Information Disclosure Vulnerability (CVE-2022-23779) Plug-in.
3. Add Jupyter Notebook Unauthorized Access Vulnerability Plug-in.
4. Add SeaCMS Backend Directory Traversal Vulnerability Plug-in.
5. Add SeaCMS Backend Command Execution Vulnerability (CNVD-2020-22721) Plug-in.
6. Add SeaCMS Through 9.92 Arbitrary Code Execution Vulnerability Plug-in.
7. Add SeaCMS V8.7 SQL Injection Vulnerability Plug-in.
8. Add SeaCMS V6.45 Arbitrary Code Execution Vulnerability Plug-in.
9. Add SeaCMS V6.54 Arbitrary Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-11-04 20:25:09
Name: rsas-vulweb-V6.0R02F00.2802.dat Version:6.0.28.2
MD5:bea87c4c561730939598b37ac13e70b4 Size:714.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2801 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2801 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2802 .

The upgrade package includes the following updates:
1. Add Apache Airflow Privilege Bypass Vulnerability Plug-in.
2. Add Oracle Access Manager Remote Code Execution Vulnerability Plug-in.
3. Add Web Application Firewall Detected in the Target Website Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-10-24 18:30:43
Name: rsas-vulweb-V6.0R02F00.2801.dat Version:6.0.28.1
MD5:a7d605cdc554be5c9e59503cc634f74d Size:163.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2800 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2800 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2801 .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-10-18 13:02:50
Name: rsas-vulweb-V6.0R02F00.2800.dat Version:6.0.28.0
MD5:b3a909ab6370c759106f6b7e3a64408b Size:6.59M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.27* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2800 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.2701.dat to rsas-vulweb-V6.0R02F00.2711.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-09-30 17:28:59
Name: rsas-vulweb-V6.0R02F00.2711.dat Version:6.0.27.11
MD5:d6d56a2aef34ac985b60c4af3c488c71 Size:882.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2710 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2710 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2711 .

The upgrade package includes the following updates:
1. Add Zimbra Collaboration Remote Code Execution Vulnerability(CVE-2022-27925) Plug-in.
2. Add Elasticsearch Kibana Component Unauthorized Access Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-09-28 21:26:54
Name: rsas-vulweb-V6.0R02F00.2710.dat Version:6.0.27.10
MD5:7ce8743f8d7f5bbfd3263a7114954af2 Size:776.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2709 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2709 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2710 .

The upgrade package includes the following updates:
1. Add Apache Spark Shell Command Injection Vulnerability (CVE-2022-33891) Plug-in.
2. Add Apache Tapestry Arbitrary File Read Vulnerability (CVE-2019-0195) Plug-in.
3. Add Apache Tapestry Arbitrary File Read Vulnerability (CVE-2021-27850) Plug-in.
4. Add Fastjson Remote Code Execution Vulnerability Detected in Seeyon OA Plug-in.
5. Add Weak Passwords Detected in Webmin Plug-in.
6. Add Webmin Command Injection Vulnerability (CVE-2022-36446) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-09-05 19:18:03
Name: rsas-vulweb-V6.0R02F00.2709.dat Version:6.0.27.9
MD5:49861dc8170c055b2c5328a52215bfac Size:682.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2708 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2708 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2709 .

The upgrade package includes the following updates:
1. Add Yonyou Chanjet Tplus Arbitrary File Upload Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-08-30 15:01:24
Name: rsas-vulweb-V6.0R02F00.2708.dat Version:6.0.27.8
MD5:e97b090fe9e84e11d89b5c1807dfb1d9 Size:793.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2707 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2707 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2708 .

The upgrade package includes the following updates:
1. Add Yonyou NC Arbitrary File Upload Vulnerability Plug-in.
2. Add Weaver E-cology Arbitrary File Upload Vulnerability Plug-in.
3. Add Tosec OSMS SQL injection vulnerability Plug-in.
4. Add Maipu ISG1000 Security Gateway Arbitrary File Download Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-08-19 19:28:55
Name: rsas-vulweb-V6.0R02F00.2707.dat Version:6.0.27.7
MD5:5411894c9412b6a54bf3a5678b9f1ee5 Size:707.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2706 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2706 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2707 .

The upgrade package includes the following updates:
1. Add Rockoa Arbitrary File Upload Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-07-30 16:39:26
Name: rsas-vulweb-V6.0R02F00.2706.dat Version:6.0.27.6
MD5:c7adcb06dfd812453e79683d423695f2 Size:707.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2705 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2705 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2706 .

The upgrade package includes the following updates:
1. Add Wanhu OA Arbitrary File Upload Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-07-29 19:45:05
Name: rsas-vulweb-V6.0R02F00.2705.dat Version:6.0.27.5
MD5:1e47a9cfa44e6f99304bb35600f285f7 Size:633.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2704 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2704 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2705 .

The upgrade package includes the following updates:
1. Add ZenTao Project Management Software SQL Injection Vulnerability (CNVD-2022-42853) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-07-27 14:02:18
Name: rsas-vulweb-V6.0R02F00.2704.dat Version:6.0.27.4
MD5:1d621dbd67f96d80ac64519b86c7d86f Size:629.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2703 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2703 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2704 .

The upgrade package includes the following updates:
1. Add Tongda OA Default Weak Password Vulnerability Plug-in.
2. Add Tongda OA Unauthenticated User Enumeration Plug-in.
3. Add Tongda OA File Upload Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-07-25 20:29:55
Name: rsas-vulweb-V6.0R02F00.2703.dat Version:6.0.27.3
MD5:bbc8a87d23ad511297694ac93eba18bf Size:717.6K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2702 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2702 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2703 .

The upgrade package includes the following updates:
1. Add 74cms ajaxPersonal SQL Injection Vulnerability Plug-in.
2. Add Apache SkyWalking SQL Injection Vulnerability (CVE-2020-9483) Plug-in.
3. Add Apache SkyWalking 8.3.0 SQL Injection Vulnerability Plug-in.
4. Add Apache SkyWalking SQL Injection Vulnerability (CVE-2020-13921) Plug-in.
5. Add Zabbix Management Platform Unauthorized Access Vulnerability (CNVD-2020-44110) Plug-in.
6. Add Landray OA Arbitrary File Read Vulnerability Plug-in.
7. Add Weaver E-office SQL Injection Vulnerability (CNVD-2022-43246) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-07-22 17:48:38
Name: rsas-vulweb-V6.0R02F00.2702.dat Version:6.0.27.2
MD5:1b51045a90ec2686825c89add8019920 Size:624.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2701 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2701 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2702 .

The upgrade package includes the following updates:
1. Add Landray OA Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-07-11 11:36:53
Name: rsas-vulweb-V6.0R02F00.2701.dat Version:6.0.27.1
MD5:3083051fe0594e1f3b9cfc816722f213 Size:6.15M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2700 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2700 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2701 .

The upgrade package includes the following updates:
1. Add Spring Data MongoDB SpEL Expression Injection Vulnerability (CVE-2022-22980) Plug-in.
2. Add QuarkMail Remote Code Execution Vulnerability Plug-in.
3. Add D-Link DCS Information Disclosure Vulnerability (CVE-2020-25078) Plug-in.
4. Add Zyxel NBG2105 Authentication Bypass Vulnerability (CVE-2021-3297) Plug-in.
5. Add Wayos AC Centralized Management System Default Weak Password Vulnerability (CNVD-2021-0087) Plug-in.
6. Add Kingsoft Terminal Security System upload.php File Upload Vulnerability Plug-in.
7. Add WordPress SuperForms Plugin File Upload Vulnerability Plug-in.
8. Add VMware vRealize Operations Manager SSRF Vulnerability (CVE-2021-21975) Plug-in.
9. Add Apache Solr Arbitrary File Read Vulnerability Plug-in.
10. Add Weaver E-Office Backend Arbitrary File Upload Vulnerability Plug-in.
11. Update Apache Shiro RememberMe Parameter Key Enumeration Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-07-08 17:32:34
Name: rsas-vulweb-V6.0R02F00.2700.dat Version:6.0.27.0
MD5:e65eb60520eb7462530ce724f003f199 Size:1.25M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.26* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2700 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.2601.dat to rsas-vulweb-V6.0R02F00.2606.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-07-02 15:57:21
Name: rsas-vulweb-V6.0R02F00.2606.dat Version:6.0.26.6
MD5:d06df0865fac6cec4979c9763d2eebbc Size:699.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2605 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2605 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2606 .

The upgrade package includes the following updates:
1. Add Bonitasoft Privilege Escalate Vulnerability (CVE-2022-25237) Plug-in.
2. Add Weak Passwords Detected in Bonitasoft Plug-in.
3. Add Default Passwords Detected in Bonitasoft Plug-in.
4. Add Wordpress BuddyPress REST API Privilege Escalate Vulnerability(CVE-2021-21389) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-06-17 17:15:13
Name: rsas-vulweb-V6.0R02F00.2605.dat Version:6.0.26.5
MD5:07f0db58f806a0f3ef2da71b2e773404 Size:732.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2604 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2604 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2605 .

The upgrade package includes the following updates:
1. Add Spring Security OAuth2 Remote Code Execution Vulnerability (CVE-2016-4977) Plug-in.
2. Add Apache Solr XML Entity Injection Vulnerability (CVE-2017-12629) Plug-in.
3. Add Apache Solr Server-Side Request Forgery Vulnerability (CVE-2021-27905) Plug-in.
4. Add WSO2 API Manager Remote Command Execution Vulnerability (CVE-2022-29464) Plug-in.
5. Add Weak Passwords Detected in WSO2 API Manager Plug-in.
6. Add Default Passwords Detected in WSO2 API Manager Plug-in.
7. Add Drawio Server-Side Request Forgery Vulnerability (CVE-2022-1713) Plug-in.
8. Add Confluence Server and Data Center RCE(CVE-2022-26134) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-06-07 09:36:53
Name: rsas-vulweb-V6.0R02F00.2604.dat Version:6.0.26.4
MD5:60d76f2bd2a26bbe03845b04c34cf912 Size:726.2K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2603 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2603 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2604 .

The upgrade package includes the following updates:
1. Add F5 BIG-IP iControl REST Unauthenticated Remote Command Execution Vulnerability (CVE-2022-1388) Plug-in.
2. Add Log4j2 Remote Code Execution Vulnerability Detected in Seeyon OA Plug-in.
3. Add JEECMS V6-V7 Arbitrary File Upload Vulnerability Plug-in.
4. Add JEECMS V6 Arbitrary File Upload Vulnerability Plug-in.
5. Add JEECMS V7 Arbitrary File Download Vulnerability Plug-in.
6. Add JEECMS V7 Arbitrary User Unauthorized Access Vulnerability Plug-in.
7. Add JEECMS V8.1 Background Arbitrary File Write Vulnerability Plug-in.
8. Add Default Passwords Detected in JEECMS Plug-in.
9. Update Apache Log4j2 Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-05-24 09:36:00
Name: rsas-vulweb-V6.0R02F00.2603.dat Version:6.0.26.3
MD5:a81ca5914a55a0c0d1b4c7ff9280cfef Size:914.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2602 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2602 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2603 .

The upgrade package includes the following updates:
1. Add YouPHPTube-Encoder 2.3 Remote Code Execution Vulnerability (CVE-2019-5127) Plug-in.
2. Add YouPHPTube-Encoder 2.3 Remote Code Execution Vulnerability (CVE-2019-5128) Plug-in.
3. Add YouPHPTube-Encoder 2.3 Remote Code Execution Vulnerability (CVE-2019-5129) Plug-in.
4. Add Nexus Repository Manager 3 Remote Command Execution Vulnerability (CVE-2019-7238) Plug-in.
5. Add Nexus Repository Manager 3 Remote Command Execution Vulnerability (CVE-2020-10199) Plug-in.
6. Add Nexus 2 Yum Plugin Remote Command Execution Vulnerability (CVE-2019-5475) Plug-in.
7. Add Nexus 2 Yum Plugin Remote Command Execution Vulnerability (CVE-2019-15588) Plug-in.
8. Add Default Passwords Detected in Nexus Repository Manager Plug-in.
9. Add Weak Passwords Detected in Nexus Repository Manager Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-05-07 22:00:29
Name: rsas-vulweb-V6.0R02F00.2602.dat Version:6.0.26.2
MD5:04d52cd27b70f11a3567640b99918a5f Size:873.2K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2601 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2601 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2602 .

The upgrade package includes the following updates:
1. Add MingSoft MCMS SQL Injection Vulnerability (CVE-2022-23898) Plug-in.
2. Add MingSoft MCMS SQL Injection Vulnerability (CVE-2022-23899) Plug-in.
3. Add MingSoft MCMS SQL Injection Vulnerability (CVE-2022-25125) Plug-in.
4. Add Pivotal Software Spring Cloud Config Path Directory Vulnerability (CVE-2020-5405) Plug-in.
5. Add VMware Software Spring Cloud Config Path Directory Vulnerability (CVE-2020-5410) Plug-in.
6. Add Pivotal Software Spring Cloud Config Path Directory Vulnerability (CVE-2019-3799) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-04-24 18:40:22
Name: rsas-vulweb-V6.0R02F00.2601.dat Version:6.0.26.1
MD5:e2fd5595e43c8f5bb5bd1dbcbdefff91 Size:668.2K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2600 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2600 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2601 .

The upgrade package includes the following updates:
1. Add Apache APISIX Remote Code Execution Vulnerability (CVE-2022-24112) Plug-in.
2. Add Detection of Weak Passwords on Apache APISIX Plug-in.
3. Add Detection of Default Keys on Apache APISIX Plug-in.
4. Add Apache Struts RCE S2-062(CVE-2021-31805) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-04-15 18:08:54
Name: rsas-vulweb-V6.0R02F00.2600.dat Version:6.0.26.0
MD5:c0ab63133ca5079b9c5a6d638452ca1e Size:7.24M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.25* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2600 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.2501.dat to rsas-vulweb-V6.0R02F00.2508.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-04-08 20:16:22
Name: rsas-vulweb-V6.0R02F00.2508.dat Version:6.0.25.8
MD5:2829b96df48c7d56c4c18aa59347123c Size:5.16M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2507 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2507 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2508 .

The upgrade package includes the following updates:
1. Add Apache httpd mod_proxy SSRF Vulnerability (CVE-2021-40438) Plug-in.
2. Add Target Site Detected to Use Swagger API Documents Plug-in.
3. Add Spring Cloud Function SpEL Expression Injection Vulnerability Plug-in.
4. Update MeterSphere Unauthorized File Upload Vulnerability (CVE-2021-45790) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-04-08 09:23:49
Name: rsas-vulweb-V6.0R02F00.2507.dat Version:6.0.25.7
MD5:0e804858b1108018464307236ceaec3b Size:591.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2506 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2506 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2507 .

The upgrade package includes the following updates:
1. Add Spring Framework Remote Code Execution Vulnerability Harmless Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-04-02 20:48:59
Name: rsas-vulweb-V6.0R02F00.2506.dat Version:6.0.25.6
MD5:f300953002b4e2013f1a05dd115772e6 Size:588.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2505 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2505 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2506 .

The upgrade package includes the following updates:
1. Add Spring Framework RCE Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-03-31 20:09:20
Name: rsas-vulweb-V6.0R02F00.2505.dat Version:6.0.25.5
MD5:73d10b67a334356ad4998fba9c7d4c76 Size:703.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2504 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2504 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2505 .

The upgrade package includes the following updates:
1. Add phpMyAdmin Before 5.1.2 XSS Vulnerability (CVE-2022-23808) Plug-in.
2. Add Jetty WEB-INF File Read Vulnerability (CVE-2021-34429) Plug-in.
3. Add DedeCMS SSTI Template Injection Plug-in.
4. Add Atlassian Jira Server Unauthorized SSRF Vulnerability (CVE-2019-8451) Plug-in.
5. Add GitLab Unauthorized SSRF Vulnerability (CVE-2021-22214) Plug-in.
6. Add WordPress UpdraftPlus Plugin Arbitrary Backfile Download Vulnerability (CVE-2022-0633) Plug-in.
7. Update ThinkPHP 5.x request.php Variable Overwrite Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-03-25 13:35:55
Name: rsas-vulweb-V6.0R02F00.2504.dat Version:6.0.25.4
MD5:5167b35a1b4652eb8e4d3a6ae0df72f2 Size:2.31M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2503 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2503 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2504 .

The upgrade package includes the following updates:
1. Add Zabbix SAML Authentication Bypass Vulnerability (CVE-2022-23131) Plug-in.
2. Add Detection of Weak Passwords on Zabbix Plug-in.
3. Add Zimbra XML External Entity Vulnerability (CVE-2019-9670) Plug-in.
4. Add Spring Cloud Gateway Actuator API SpEL Remote Code Execution Vulnerability(CVE-2022-22947) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-03-08 09:40:53
Name: rsas-vulweb-V6.0R02F00.2503.dat Version:6.0.25.3
MD5:a6f0f75913eca85848080ce338fbe689 Size:792.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2502 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2502 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2503 .

The upgrade package includes the following updates:
1. Add Gitblit Code Repositories with Anonymous Access Plug-in.
2. Add Gitblit Weak Password Plug-in.
3. Add Apache ShenYu Unauthorized Access Vulnerability (CVE-2022-23944) Plug-in.
4. Add phpMyAdmin 4.8.1 Remote File Containment Vulnerability (CVE-2018-12613) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-02-21 18:27:44
Name: rsas-vulweb-V6.0R02F00.2502.dat Version:6.0.25.2
MD5:30adcecf3d4c5aff9f69abd17bb68d93 Size:684.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2501 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2501 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2502 .

The upgrade package includes the following updates:
1. Update Apache Log4j2 Remote Code Execution Vulnerability Plug-in.
2. Update Grafana Unauthenticated Arbitrary File Read Vulnerability (CVE-2021-43798) Plug-in.
3. Update Detection of Source Code Disclosure in the Target Website Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-01-27 12:45:17
Name: rsas-vulweb-V6.0R02F00.2501.dat Version:6.0.25.1
MD5:30bf458eb369080f363eae40b2ef0749 Size:662.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2500 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2500 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2501 .

The upgrade package includes the following updates:
1. Add MeterSphere Remote Command Execution Vulnerability Plug-in.
2. Add MeterSphere Unauthorized File Upload Vulnerability (CVE-2021-45790) Plug-in.
3. Add MeterSphere File Read Vulnerability (CVE-2021-45789) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-01-14 18:44:54
Name: rsas-vulweb-V6.0R02F00.2500.dat Version:6.0.25.0
MD5:11d6633f8bb25f76a8816df944d0cebf Size:1.14M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.24* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2500 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.2401.dat to rsas-vulweb-V6.0R02F00.2411.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-01-04 17:47:38
Name: rsas-vulweb-V6.0R02F00.2411.dat Version:6.0.24.11
MD5:ac2943cf3b4ec64848fef87c610103b2 Size:660.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2410 . This upgrade package is an incremental upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2411 .

This package includes the following updates:
1. Add Atlassian Jira Server File Read Vulnerability (CVE-2020-29453).
2. Add Atlassian Jira Server File Read Vulnerability (CVE-2019-8442).
3. Add Atlassian Jira Server Unauthenticated User Enumeration (CVE-2019-8449).
4. Add Atlassian Jira Server Unauthenticated User Enumeration (CVE-2020-14181).
5. Add Grafana Unauthenticated Arbitrary File Read Vulnerability (CVE-2021-43798).
6. Add Apache APISIX Dashboard Unauthorized Access Vulnerability (CVE-2021-45232).

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2022-01-01 22:00:41
Name: rsas-vulweb-V6.0R02F00.2410.dat Version:6.0.24.10
MD5:761dfaf7b71c56232723609b04e5aa64 Size:754.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2409 . This upgrade package is an incremental upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2410 .

This package includes the following updates:
1. Add Atlassian Jira Server File Read Vulnerability (CVE-2021-26086).
2. Add Atlassian Jira Server Unauthenticated User Enumeration (CVE-2020-36289).
3. Add Detection of Apache Log4j2 Remote Code Execution Vulnerability in Apache Druid .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used.

Release Time:2021-12-17 21:27:50
Name: rsas-vulweb-V6.0R02F00.2409.dat Version:6.0.24.9
MD5:775247eff2b994417b31453824baf34b Size:606.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2408 . This upgrade package is an incremental upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2409 .

This package includes the following updates:
1. Update Apache Log4j2 Remote Code Execution Vulnerability(CVE-2021-44228).

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-12-15 19:50:11
Name: rsas-vulweb-V6.0R02F00.2408.dat Version:6.0.24.8
MD5:b03e989e65e636b7e4d579853f782b86 Size:579.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2407 . This upgrade package is an incremental upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2408 .

This package includes the following updates:
1. Update Apache Log4j2 RCE.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-12-12 20:49:43
Name: rsas-vulweb-V6.0R02F00.2407.dat Version:6.0.24.7
MD5:daa6247e508c2b0443a9e6379fa5ded9 Size:569.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2406 . This upgrade package is an incremental upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2407 .

This package includes the following updates:
1. Update Apache Log4j2 RCE.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-12-10 22:29:18
Name: rsas-vulweb-V6.0R02F00.2406.dat Version:6.0.24.6
MD5:f85975e219568d7c798aba8382df9504 Size:564.2K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2405 . This upgrade package is an incremental upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2406 .

This package includes the following updates:
1. Add Apache Log4j2 RCE.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-12-10 05:03:29
Name: rsas-vulweb-V6.0R02F00.2405.dat Version:6.0.24.5
MD5:04a15d61bcee60a440c615bd7c2eb058 Size:765.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2404 . This upgrade package is an incremental upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2405 .

This package includes the following updates:
1. Add Apache ShenYu Admin Authentication Bypass Vulnerability (CVE-2021-37580).
2. Add Metabase Sensitive Information Disclosure Vulnerability (CVE-2021-41277).
3. Add Apache Druid LoadData Arbitrary File Read Vulnerability (CVE-2021-36749).
4. Add Weaver E-office File Upload Vulnerability (CNVD-2021-49104).
5. Add Hikvision Product Command Injection Vulnerability (CVE-2021-36260).

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-12-06 09:29:57
Name: rsas-vulweb-V6.0R02F00.2404.dat Version:6.0.24.4
MD5:80b70f8c4c1d7a162dd1f006ba173b7b Size:692.6K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2403 . This upgrade package is an incremental upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2404 .

This package includes the following updates:
1. Add Kingdee EAS build.jsp Directory Traversal Vulnerability.
2. Add Kingdee EAS Backend Arbitrary File Read Vulnerability.
3. Add Kingdee EAS logoImgServlet Page Directory Traversal Vulnerability.
4. Add Nacos Unauthorized Access Vulnerability (CVE-2021-29441).
5. Add SonarQube API Unauthorized Access Vulnerability (CVE-2020-27986).
6. Add Atlassian Confluence Server File Read Vulnerability (CVE-2021-26085).

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-11-19 18:12:40
Name: rsas-vulweb-V6.0R02F00.2403.dat Version:6.0.24.3
MD5:bee5f97ab9f1c2dc97744e100e67bcf3 Size:631.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2402 . This upgrade package is an incremental upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2403 .

This package includes the following updates:
1. Add Kingdee EAS Log Information Disclosure Vulnerability.
2. Add Kingdee EAS Apusic Monitoring Information Disclosure Vulnerability.
3. Add GitLab Remote Command Execution Vulnerability (CVE-2021-22205).

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-11-05 19:05:21
Name: rsas-vulweb-V6.0R02F00.2402.dat Version:6.0.24.2
MD5:f6dbb17411516c499c2b01a178adc571 Size:805.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2401 . This upgrade package is an incremental upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2402 .

This package includes the following updates:
1. Optimize crawler.
2. Add Apache HTTP Server Directory Traversal and Remote Command Execution Vulnerability (CVE-2021-41773).
3. Add Apache HTTP Server Directory Traversal and Remote Command Execution Vulnerability (CVE-2021-42013).
4. Add Nexus Repository UserComponent Remote Code Execution Vulnerability(CVE-2018-16621).
5. Add Nexus Repository UserComponent Remote Code Execution Vulnerability(CVE-2020-10204).
6. Add Atlassian JIRA Ehcache RMI Remote Code Execution Vulnerability (CVE-2020-36239).

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-10-30 11:54:33
Name: rsas-vulweb-V6.0R02F00.2401.dat Version:6.0.24.1
MD5:5a1519eeeb885e45d628ee5dfa1f58ab Size:636.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2400 . This upgrade package is an incremental upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2401 .

This package includes the following updates:
1. Add ECShop Backend delete_cart_goods.php SQL Injection Vulnerability (CNVD-2020-58823).
2. Add ECShop Backend mobile_setting.php SQL Injection Vulnerability.
3. Add ECShop 2.x/3.x user.php SQL Injection Vulnerability.
4. Add Kingdee EAS Information Disclosure Vulnerability.
5. Add Kingdee EAS Directory Traversal Vulnerability (CNVD-2021-09699).
6. Update Detection of Storage XSS Vulnerability on Target URL.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-10-18 11:08:41
Name: rsas-vulweb-V6.0R02F00.2400.dat Version:6.0.24.0
MD5:d6a426db0d0362c50a4e4aa740357441 Size:1.39M
Description:


This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.23* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2400 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.2301.dat to rsas-vulweb-V6.0R02F00.2307.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-10-08 10:39:36
Name: rsas-vulweb-V6.0R02F00.2307.dat Version:6.0.23.7
MD5:52ee84a43d54cafa196312bc68f00e96 Size:772.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2306 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2306 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2307 .

The upgrade package includes the following updates:
1. Add phpunit Remote Code Execution Vulnerability (CVE-2017-9841) Plug-in.
2. Add UEditor File Upload Vulnerability Plug-in.
3. Add ECShop Backend shopinfo.php SQL Injection Vulnerability (CNVD-2016-12221) Plug-in.
4. Add ECShop Backend order.php SQL Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-09-24 14:49:48
Name: rsas-vulweb-V6.0R02F00.2306.dat Version:6.0.23.6
MD5:9272c82a1eabfdec8eb55a7ac99fdbeb Size:1.15M
Description:


This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2305 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2305 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2306 .

The upgrade package includes the following updates:
1. Add Atlassian Confluence Remote Code Execution Vulnerability (CVE-2021-26084) Plug-in.
2. Update Plug-in time consuming optimization.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-09-06 09:52:21
Name: rsas-vulweb-V6.0R02F00.2305.dat Version:6.0.23.5
MD5:91e3a73267cbecaf2438ff7e1f2b9f37 Size:544.9K
Description:


This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2304 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2304 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2305 .

The upgrade package includes the following updates:
1. Add Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2021-34473) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-08-25 10:09:32
Name: rsas-vulweb-V6.0R02F00.2304.dat Version:6.0.23.4
MD5:4f5478ec16f43d1189c65bcb1c51b7d8 Size:716.1K
Description:


This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2303 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2303 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2304 .

The upgrade package includes the following updates:
1. Add WordPress wpDiscuz Plugin Arbitrary File Upload Vulnerability (CVE-2020-24186) Plug-in.
2. Add WordPress wpDiscuz Plugin SQL Injection Vulnerability (CVE-2020-13640) Plug-in.
3. Add WordPress Super Progressive Web Apps Before 2.1.11 Arbitrary File Vulnerability Plug-in.
4. Add WordPress Super Progressive Web Apps Before 2.1.12 Arbitrary File Vulnerability Plug-in.
5. Update Detection of Relative Path Overwrite Vulnerability in Target URL Plug-in.
6. Update Arbitrary File Access Vulnerability Detected on Target Host Plug-in.
7. Update Ruijie Networks RSR Router Web Management Weak Password Plug-in.
8. Update Weaver E-cology OA System SQL Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-08-20 18:52:29
Name: rsas-vulweb-V6.0R02F00.2303.dat Version:6.0.23.3
MD5:286fa5002a971d3cc09fcc11fbfa45ea Size:685.2K
Description:


This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2302 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2302 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2303 .

The upgrade package includes the following updates:
1. Add Hashicorp Consul Web UI and API Unauthorized Access Plug-in.
2. Add Hashicorp Consul Services API Remote Command Execution Plug-in.
3. Add Hashicorp Consul Remote Command Execution Plug-in.
4. Add Ruijie Networks RSR Router Web Management Weak Password Plug-in.
5. Add Zabbix latest.php SQL Injection Vulnerability Plug-in.
6. Add H2 Database Console Unauthorized Access Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-08-06 17:31:00
Name: rsas-vulweb-V6.0R02F00.2302.dat Version:6.0.23.2
MD5:9707e9477873a6169fe5f7fd2bcf5fe8 Size:633.7K
Description:


This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2301 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2301 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2302 .

The upgrade package includes the following updates:
1. Add Frontier Document Security System Remote Code Execution Vulnerability Plug-in.
2. Add ECShop Backend comment_manage.php SQL Injection Vulnerability Plug-in.
3. Add ECShop Backend shophelp.php SQL Injection Vulnerability Plug-in.
4. Add ECShop Backend affiliate_ck.php SQL Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-07-26 11:18:56
Name: rsas-vulweb-V6.0R02F00.2301.dat Version:6.0.23.1
MD5:0a69e1c06903daa5badf2dca0abfa241 Size:592.9K
Description:


This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2300 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2300 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2301 .

The upgrade package includes the following updates:
1. Add 74CMS Template Injection getshell Vulnerability Plug-in.
2. Add Apache Kylin Unauthorized Configuration Information Disclosure Vulnerability (CVE-2020-13937) Plug-in.
3. Add Node-RED ui_base Arbitrary File Read Vulnerability (CVE-2021-3223) Plug-in.
4. Add Fuma Cloud SQL Injection Vulnerability Plug-in.
5. Update Apache Struts S2-009 'ParameterInterceptor' Security Bypass Vulnerability (CVE-2011-3923) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-07-09 19:08:03
Name: rsas-vulweb-V6.0R02F00.2300.dat Version:6.0.23.0
MD5:7b97c9978ea03927a9a29ed5573983a7 Size:677.6K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.22* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2300 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.2201.dat to rsas-vulweb-V6.0R02F00.2204.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-06-30 14:13:57
Name: rsas-vulweb-V6.0R02F00.2204.dat Version:6.0.22.4
MD5:73f799d75acaddfe4fd67a77194bdf19 Size:594.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2203 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2203 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2204 .

The upgrade package includes the following updates:
1. Add Jetty Information Disclosure Vulnerability (CVE-2021-28164) Plug-in.
2. Add Jetty Servlets Common Component ConcatServlet Information Disclosure Vulnerability (CVE-2021-28169) Plug-in.
3. Add Yonyou NC BeanShell Remote Code Execution Vulnerability (CNVD-2021-30167) Plug-in.
4. Add Sangfor Behavior Awareness System Remote Command Execution Vulnerability Plug-in.
5. Add Sangfor Log Center Platform DC Remote Command Execution Vulnerability Plug-in.
6. Add Anysec Next-Generation Firewall Control System Account Password Leakage Vulnerability Plug-in.
7. Add Anysec Next-Generation Firewall Control System download.php Arbitrary File Read Vulnerability Plug-in.
8. Add Ruijie UAC 6000-ISG Video Surveillance Security Gateway System Account Password Leakage Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-06-18 20:24:50
Name: rsas-vulweb-V6.0R02F00.2203.dat Version:6.0.22.3
MD5:dd7a1d8931fb77b5c1c630a3676304af Size:622.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2202 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2202 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2203 .

The upgrade package includes the following updates:
1. Add H3C Intelligent Management Center Default Password Vulnerability Plug-in.
2. Add H3C Intelligent Management Center dynamiccontent.properties.xhtm Remote Command Execution Vulnerability Plug-in.
3. Add Weaver e-cology OA System WorkflowServiceXml Remote Code Execution Vulnerability Plug-in.
4. Add Qilai OA messageurl.aspx SQL Injection Vulnerability Plug-in.
5. Add Qilai OA treelist.aspx SQL Injection Vulnerability Plug-in.
6. Add Qilai OA CloseMsg.aspx SQL Injection Vulnerability Plug-in.
7. Add Qilai OA GetUser.aspx SQL Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-06-07 10:18:11
Name: rsas-vulweb-V6.0R02F00.2202.dat Version:6.0.22.2
MD5:9f22e3f16a30dc62155d941a7556e9ed Size:595.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2201 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2201 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2202 .

The upgrade package includes the following updates:
1. Add Landray OA custom.jsp Arbitrary File Read Vulnerability Plug-in.
2. Add Ruijie EG Web Management System Administrator Password Information Disclosure Vulnerability Plug-in.
3. Add Ruijie EG Web Management System download.php Arbitrary File Read Vulnerability Plug-in.
4. Add Ruijie EG Web Management System cli.php Remote Command Execution Vulnerability Plug-in.
5. Add Alibaba Canal Default Password Vulnerability Plug-in.
6. Add Alibaba Canal config Cloud Key Information Disclosure Vulnerability Plug-in.
7. Add Citrix XenMobile help-sb-download.jsp Arbitrary File Read Vulnerability (CVE-2020-8209) Plug-in.
8. Add H3C SecParh Operation and Maintenance Audit System Arbitrary User Login Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-05-24 12:12:42
Name: rsas-vulweb-V6.0R02F00.2201.dat Version:6.0.22.1
MD5:50ffd735074733840ca8e238fa54c772 Size:593.2K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2200 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2200. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2201 .

The upgrade package includes the following updates:
1. Add Kingsoft V8+ Terminal Security System downfile.php Arbitrary File Reading Vulnerability Plug-in .
2. Add ThinkAdmin v6 Directory Information Disclosure Vulnerability Plug-in .
3. Add Seeyon A6-M Collaborative Management Software initDataAssess.jsp User Sensitive Information Disclosure Vulnerability Plug-in .
4. Add Seeyon A6-M Collaborative Management Software DownExcelBeanServlet User Sensitive Information Disclosure Vulnerability Plug-in .
5. Add Yonyou U8 OA test.jsp SQL Injection Vulnerability Plug-in .
6. Add Yonyou GRP-U8 XXE Vulnerability Plug-in .
7. Add Ruijie Cloud Class Directory List Information Disclosure Vulnerability Plug-in .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-05-07 19:38:40
Name: rsas-vulweb-V6.0R02F00.2200.dat Version:6.0.22.0
MD5:916a0e18293022963ee3e73f20ab38eb Size:2.53M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.21* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2200 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.2101.dat to rsas-vulweb-V6.0R02F00.2117.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-04-30 15:20:44
Name: rsas-vulweb-V6.0R02F00.2117.dat Version:6.0.21.17
MD5:b32c8f479d10f0c179d3c359e528d24c Size:684.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2116 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2116 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2117 .

The upgrade package includes the following updates:
1. Add Apache OFBiz Deserialization Command Execution Vulnerability (CVE-2020-9496) Plug-in.
2. Add Apache OFBiz XXE Vulnerability (CVE-2018-8033) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-04-26 16:43:16
Name: rsas-vulweb-V6.0R02F00.2116.dat Version:6.0.21.16
MD5:d63c25b96cd5f3ffbaff1d3cc3016a79 Size:563.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2115 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2115 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2116 .

The upgrade package includes the following updates:
1. Add Kingsoft V8+ Terminal Security System pdf_maker.php Remote Command Execution Vulnerability Plug-in.
2. Add RuoYi Management System Ali Druid Unauthorized Access Vulnerability Plug-in.
3. Add RuoYi Management System Arbitrary File Download Vulnerability Plug-in.
4. Add Lanproxy Directory Traversal Vulnerability (CVE-2021-3019) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-04-22 18:53:37
Name: rsas-vulweb-V6.0R02F00.2115.dat Version:6.0.21.15
MD5:5a68e34dfe7f44a73c18b51d7001f56a Size:558.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2114 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2114 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2115 .

The upgrade package includes the following updates:
1. Add MessageSolution Information Disclosure Vulnerability (CNVD-2021-10543) Plug-in.
2. Add Tpshop Directory Traversal Vulnerability Plug-in.
3. Add ThinkAdmin v6 Arbitrary File Read Vulnerability (CVE-2020-25540) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-04-21 19:36:58
Name: rsas-vulweb-V6.0R02F00.2114.dat Version:6.0.21.14
MD5:b71e4b35cce83cdd4060a571bb41fdbe Size:539.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2113 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2113 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2114 .

The upgrade package includes the following updates:
1. Add WebLogic T3 Deserialization Remote Code Execution Vulnerability Plug-in.
2. Add Ruijie RG-UAC System Information Disclosure Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-04-19 19:27:14
Name: rsas-vulweb-V6.0R02F00.2113.dat Version:6.0.21.13
MD5:627fe97ece8fd9af78472a2dcfeaeaba Size:532.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2112 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2112 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2113 .

The upgrade package includes the following update:
1. Add Weaver E-cology OA Unauthenticated Arbitrary File Upload Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-04-18 20:15:50
Name: rsas-vulweb-V6.0R02F00.2112.dat Version:6.0.21.12
MD5:6362096ff07c267393f2f25840ff917a Size:571.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2111 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2111 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2112 .

The upgrade package includes the following updates:
1. Add Coremail Privilege Bypass Vulnerability Plug-in.
2. Add Coremail Tomcat Server Manager Weak Password Vulnerability Plug-in.
3. Add Ruijie Smartweb Manager System Weak Password Vulnerability Plug-in.
4. Add Datang AC System Weak Password Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-04-17 18:06:44
Name: rsas-vulweb-V6.0R02F00.2111.dat Version:6.0.21.11
MD5:3e6e5b98dde7d96d3c60dd1c9b0c98d2 Size:528.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2110 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2110 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2111 .

The upgrade package includes the following updates:
1. Add TongWeb Arbitrary File Upload Vulnerability Plug-in.
2. Add Kyan network monitoring device account and password leak vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-04-16 19:42:30
Name: rsas-vulweb-V6.0R02F00.2110.dat Version:6.0.21.10
MD5:60c732185efc2b410f4e16a4e6cfe45e Size:559.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2109 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2109 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2110 .

The upgrade package includes the following updates:
1. Add Seeyon A6-m User Session Information Disclosure Vulnerability Plug-in.
2. Add Seeyon A6-m test.jsp SQL Injection Vulnerability Plug-in.
3. Add Seeyon A6-m setextno.jsp SQL Injection Vulnerability Plug-in.
4. Add Ruijie NBR EWEB Remote Command Execution Vulnerability (CNVD-2021-09650) Plug-in.
5. Add Leagsoft IT Secure Management System Arbitrary File Upload Vulnerability Plug-in.
6. Add Seeyon A8-m Status Monitor Page Default Password Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-04-15 20:51:38
Name: rsas-vulweb-V6.0R02F00.2109.dat Version:6.0.21.9
MD5:7f44b4f35df91afa29e07942a64864f8 Size:526.2K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2108 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2108 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2109 .

The upgrade package includes the following updates:
1. Add Office Anywhere Online User Cookie Disclosure Vulnerability Plug-in.
2. Add Inspur ClusterEngine System SysShell Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-04-14 19:04:59
Name: rsas-vulweb-V6.0R02F00.2108.dat Version:6.0.21.8
MD5:4c63c8e4e09d03536a807133d98a18ba Size:537.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2107 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2107 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2108 .

The upgrade package includes the following updates:
1. Add Hikvision Streaming Media Manager Devices Arbitrary File Read Vulnerability (CNVD-2021-16007) Plug-in.
2. Add Hikvision Streaming Media Manager Devices Weakpassword (CNVD-2021-14544) Plug-in.
3. Add Kingsoft V8+ Endpoint Safety System Default Password Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-04-13 19:57:11
Name: rsas-vulweb-V6.0R02F00.2107.dat Version:6.0.21.7
MD5:67f399d3424ed082301f9fd9874273b8 Size:571.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2106 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2106 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2107 .

The upgrade package includes the following updates:
1. Add QI-ANXIN Endpoint Security Management System (Tianqing) SQL Injection Vulnerability Plug-in.
2. Add QI-ANXIN Endpoint Security Management System (Tianqing) Database Infomation Disclosure Vulnerability Plug-in.
3. Add eYou Mail System Remote Code Execution Vulnerability Plug-in.
4. Add Vesystem VENGD Arbitrary File Upload Remote Code Execution Vulnerability Plug-in.
5. Add Ruijie Smartweb Manager System Information Disclosure Vulnerability Plug-in.
6. Add iKuai Router System Arbitrary File Read Vulnerability (CNVD-2020-04878) Plug-in.
7. Add Apache Shiro Privilege Bypass Vulnerability (CVE-2020-1957) Plug-in.
8. Add Apache Shiro Privilege Bypass Vulnerability (CVE-2020-11989) Plug-in.
9. Add Apache Shiro Privilege Bypass Vulnerability (CVE-2020-13933) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-04-12 20:06:50
Name: rsas-vulweb-V6.0R02F00.2106.dat Version:6.0.21.6
MD5:79f1b5f67bec502034f0375dd9e1bc5a Size:566.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2105 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2105 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2106 .

The upgrade package includes the following updates:
1. Add Samsung Router WLAN AP Arbitrary File Read Vulnerability (CNVD-2021-18483) Plug-in.
2. Add Samsung Router WLAN AP Remote Code Execution Vulnerability (CNVD-2021-18482) Plug-in.
3. Add Inspur ClusterEngine System Remote Code Execution Vulnerability Plug-in.
4. Add Inspur ClusterEngine System Any User Login Vulnerability Plug-in.
5. Add ShopXO Arbitrary File Read Vulnerability (CNVD-2021-14523) Plug-in.
6. Add Yinpeng Haoshitong Arbitrary File Download Vulnerability (CNVD-2020-62437) Plug-in.
7. Add Wangkang NGFW Remote Code Execution Vulnerability Plug-in.
8. Add Yongyou NCFindWeb Directory Traversal Vulnerabilities Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-04-11 18:03:41
Name: rsas-vulweb-V6.0R02F00.2105.dat Version:6.0.21.5
MD5:869db90065aad5bfcc7164d279fe1ea4 Size:516.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2104 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2104 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2105 .

The upgrade package includes the following update:
1. Add Yongyou NC Servlet Java Deserialization Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-04-11 13:06:02
Name: rsas-vulweb-V6.0R02F00.2104.dat Version:6.0.21.4
MD5:c20f5dbfb05cb638b2cb6de499c9889a Size:570.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2103 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2103 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2104 .

The upgrade package includes the following updates:
1. Add Shterm Arbitrary User Login Vulnerability Plug-in.
2. Add FineReport Arbitrary File Read Vulnerability (CNVD-2018-04757) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-04-10 17:44:09
Name: rsas-vulweb-V6.0R02F00.2103.dat Version:6.0.21.3
MD5:4729deb48d4336b51d6c5ad1878a3d5b Size:511.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2102 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2102 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2103 .

The upgrade package includes the following update:
1. Add Seeyon OA Administrator Cookie Information Disclosure Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-04-09 18:18:33
Name: rsas-vulweb-V6.0R02F00.2102.dat Version:6.0.21.2
MD5:8b73c6a973046e45e74fb388871ae32d Size:2.39M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2101 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2101 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2102 .

The upgrade package includes the following updates:
1. Add Detection of Unauthorized Access Vulnerability in Target Druid Monitor Plug-in.
2. Add Detection of Weak Passwords in iBMC Plug-in.
3. Add Seeyon OA Webmail Arbitrary File Read Vulnerability Plug-in.
4. Add Seeyon OA menu.do uploadMenuIcon File Write Vulnerability Plug-in.
5. Add Seeyon OA File Upload Vulnerability (CNVD-2020-10520) Plug-in.
6. Add Seeyon OA seeyonreport Server Path Traversal Vulnerability Plug-in.
7. Add Seeyon OA officeservlet Arbitrary File Read Vulnerability Plug-in.
8. Add F5 BIG-IP iControl REST Unauthenticated Remote Command Execution Vulnerability (CVE-2021-22986) Plug-in.
9. Add vulnerability verification plug-ins (The vulnerability verification function can work only in V6.0R04F00 and later).

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-04-09 17:36:43
Name: rsas-vulweb-V6.0R02F00.2101.dat Version:6.0.21.1
MD5:37f25c69e3ea838263a3d21f90b1cce3 Size:540.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2100 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2100 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2101 .

The upgrade package includes the following updates:
1. Add Weaver E-cology OA V9 Arbitrary File Upload Remote Code Execution Vulnerability Plug-in.
2. Add Jellyfin Arbitrary File Read Vulnerability (CVE-2021-21402) Plug-in .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-04-08 19:51:31
Name: rsas-vulweb-V6.0R02F00.2100.dat Version:6.0.21.0
MD5:9a513a0de6ce49173f4a9cc23e28dc91 Size:1.38M
Description:


This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.20* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2100 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.2001.dat to rsas-vulweb-V6.0R02F00.2006.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-03-31 18:28:05
Name: rsas-vulweb-V6.0R02F00.2006.dat Version:6.0.20.6
MD5:30c658e8c85ef6d11cfcaa330684dab0 Size:583.3K
Description:


This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2005 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2005 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2006 .

The upgrade package includes the following updates:
1. Add Yonyou Arbitrary File Upload Vulnerability Plug-in.
2. Add Seeyon A8+ Collaborative Management Software Arbitrary File Upload Remote Code Execution Vulnerability Plug-in.
3. Add Seeyon OA ajax.do Privilege Bypass Vulnerability Plug-in.
4. Add Seeyon OA ajaxAction formulaManager File Upload Vulnerability Plug-in.
5. Add Seeyon OA m3 Interface Information Disclosure Vulnerability Plug-in.
6. Update LDAP Injection Detected on Target Website Plug-in.
7. Update Weaver E-cology OA V8 Arbitrary File Upload Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-03-19 21:57:20
Name: rsas-vulweb-V6.0R02F00.2005.dat Version:6.0.20.5
MD5:2cc2745aa66cf7ccc9ecc0bda33bd238 Size:525.6K
Description:


This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2004 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2004 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2005 .

The upgrade package includes the following updates:
1. Add Spring Boot Actuator Detected to Be Used at Target Site Plug-in.
2. Add Microsoft Exchange Server Server-Side Request Forgery Vulnerability (CVE-2021-26855) Plug-in.
3. Update Spring Boot Actuator Unauthorized Access Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-03-05 17:54:52
Name: rsas-vulweb-V6.0R02F00.2004.dat Version:6.0.20.4
MD5:55fbcccc0ae7e72dba10c45cc82b1acd Size:559.2K
Description:


This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2003 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2003 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2004 .

The upgrade package includes the following updates:
1. Add GoAhead Remote Command Execution Vulnerability Plug-in.
2. Update SQL Injection Vulnerability Detected on Target URL Plug-in.
3. Update WebLogic Deserialization Remote Code Execution Vulnerability (CVE-2019-2725) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-02-26 17:31:48
Name: rsas-vulweb-V6.0R02F00.2003.dat Version:6.0.20.3
MD5:a1090e6620dff180be3a314a25754363 Size:656.6K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2002 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2002 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2003 .

The upgrade package includes the following updates:
1. Add Laravel Ignition 2.5.1 Arbitrary Code Execution Vulnerability (CVE-2021-3129) Plug-in.
2. Add WebLogic Remote Code Execution Vulnerability (CVE-2021-2109) Plug-in.
3. Add SonicWall SSL-VPN Unauthentication RCE Vulnerability Plug-in.
4. Add Apache Druid Remote Code Execution Vulnerability (CVE-2021-25646) Plug-in.
5. Add Jackson-databind Multi Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-02-07 11:34:07
Name: rsas-vulweb-V6.0R02F00.2002.dat Version:6.0.20.2
MD5:b3e89b3a40a9da3d4971d86fbe386602 Size:569.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2001 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2001 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2002 .

The upgrade package includes the following updates:
1. Add Node.js Directory Traversal Vulnerability (CVE-2017-14849) Plug-in.
2. Add Jackson-databind Remote Code Execution Vulnerability (CVE-2020-36179) Plug-in.
3. Add JumpServer Unauthorized Access Remote Command Execution Vulnerability Plug-in.
4. Update WebLogic wls-wsat Component Remote Command Execution Vulnerability (CVE-2017-10271) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-01-22 15:30:39
Name: rsas-vulweb-V6.0R02F00.2001.dat Version:6.0.20.1
MD5:c5d03e8712fdc7e1221b7824e88b0c1c Size:1.12M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2000 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2000 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2001 .

The upgrade package includes the following updates:
1. Add Authentication Bypass for HTTP Verb Tampering Plug-in.
2. Add Detection of Absence of the Strict-Transport-Security Header on the Target Plug-in.
3. Add Detection of Absence of the Referrer-Policy Header on the Target Plug-in.
4. Add Detection of Absence of the X-Permitted-Cross-Domain-Policies Header on the Target Plug-in.
5. Add Detection of Absence of the X-Download-Options Header on the Target Plug-in.
6. Add Apache Flink Directory Traversal Vulnerability (CVE-2020-17519) Plug-in.
7. Update System Command Injection Vulnerability Detected in Target URL Plug-in.
8. Update Detection of Source Code Disclosure in the Target Website Plug-in.
9. Update Elasticsearch Groovy Arbitrary Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2021-01-08 21:05:50
Name: rsas-vulweb-V6.0R02F00.2000.dat Version:6.0.20.0
MD5:64263e439982d0e909d531af2328b444 Size:96.99M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.19* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2000 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.1901.dat to rsas-vulweb-V6.0R02F00.1909.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-12-31 18:05:50
Name: rsas-vulweb-V6.0R02F00.1909.dat Version:6.0.19.9
MD5:d4bd65adb98275c2f0a32717f847749e Size:93.55M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1908 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1908 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1909 .

The upgrade package includes the following updates:
1. Add Flask (Jinja2) Server-Side Template Injection (SSTI) Vulnerability Plug-in.
2. Add Yongyou NC Java Deserialization Remote Code Execution Vulnerability Plug-in.
3. Add Jetty Web Server Shared Buffers Remote Disclosure Vulnerability (CVE-2015-2080) Plug-in.
4. Add SiteServer background_log.aspx SQL Injection Vulnerability Plug-in.
5. Add eYou Mail System em_controller_action_help.class.php SQL Injection Vulnerability Plug-in.
6. Add KesionCMS 6.x-7.06 /user/reg/regajax.asp SQL Injection Vulnerability Plug-in.
7. Update Spring Boot Actuator Unauthorized Access Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-12-21 11:12:15
Name: rsas-vulweb-V6.0R02F00.1908.dat Version:6.0.19.8
MD5:05af7a9fb3e688ba191fcb5a54f4f5b4 Size:365.2K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1907 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1907 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1908 .

The upgrade package includes the following update:
1. Add Apache Struts2 S2-061 Remote Code Execution Vulnerability (CVE-2020-17530) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-12-10 13:26:50
Name: rsas-vulweb-V6.0R02F00.1907.dat Version:6.0.19.7
MD5:7baeb2ff3d06427c213a0174b412e191 Size:1.19M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1906 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1906 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1907 .

The upgrade package includes the following updates:
1. Add vulnerability verification plug-ins (The vulnerability verification function can work only in V6.0R04F00 and later).
2. Add Apache Struts2 S2-017 Multiple Open Redirect Vulnerabilities (CVE-2013-2248) Plug-in.
3. Add DedeCMS 5.7SP1 /plus/recommend.php SQL Injection Vulnerability Plug-in.
4. Update SQL Injection Vulnerability Detected on Target URL Plug-in.
5. Update ASP Code Injection Vulnerability Detected at Target Website Plug-in.
6. Update System Directory Disclosure on Target Server Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-12-07 09:55:41
Name: rsas-vulweb-V6.0R02F00.1906.dat Version:6.0.19.6
MD5:b9545cf39977517c2916612b06a48747 Size:2.57M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1905 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1905 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1906 .

The upgrade package includes the following updates:
1. Add vulnerability verification plug-ins (The vulnerability verification function can work only in V6.0R04F00 and later).
2. Update Detection of Weak Password on Target Web Application Form Plug-in.
3. Update SQL Injection Login Restriction Bypass Vulnerability on Target Website Plug-in.
4. Update WebLogic Deserialization Remote Code Execution Vulnerability (CVE-2019-2725) Plug-in.
5. Update Apache Struts 2 S2-059 Remote Code Execution Vulnerability (CVE-2019-0230) Plug-in.
6. Update Detection of Sensitive Words in the Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-11-24 10:15:00
Name: rsas-vulweb-V6.0R02F00.1905.dat Version:6.0.19.5
MD5:e61c96b68043c1e9d89b4a888111098a Size:582.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1904 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1904 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1905 .

The upgrade package includes the following updates:
1. Add vulnerability verification plug-ins (The vulnerability verification function can work only in V6.0R04F00 and later).
2. Add Weaver E-cology OA V8 Arbitrary File Upload Remote Code Execution Vulnerability Plug-in.
3. Add Apache Shiro RememberMe Deserialization Process Command Execution Vulnerability Plug-in.
4. Add Spring Data Commons Remote Command Execution Vulnerability (CVE-2018-1273) Plug-in.
5. Add Detection of Sensitive Words in the Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-11-10 09:17:06
Name: rsas-vulweb-V6.0R02F00.1904.dat Version:6.0.19.4
MD5:4b5639089392a414909bfc294ea1dded Size:352.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1903 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1903 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1904 .

The upgrade package includes the following updates:
1. Add WebLogic Console HTTP Remote Code Execution Vulnerability (CVE-2020-14883) Plug-in.
2. Add WebLogic Console Unauthorized Access Vulnerability (CVE-2020-14882) Patch Bypass Plug-in.
3. Add WebLogic Console Unauthorized Access Vulnerability (CVE-2020-14882) Plug-in.
4. Update WebLogic Console HTTP Unauthorized Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-10-31 15:20:27
Name: rsas-vulweb-V6.0R02F00.1903.dat Version:6.0.19.3
MD5:9b491ba00488220db6eac98e7f5f01f8 Size:662.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1902 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1902 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1903 .

The upgrade package includes the following updates:
1. Add vulnerability verification plug-ins (The vulnerability verification function can work only in V6.0R04F00 and later).
2. Add WebLogic HTTP Deserialization Vulnerability (CVE-2020-14882) Plug-in.
3. Add ZenTao Project Management Software Arbitrary File Read Vulnerability Plug-in.
4. Add ZenTao Project Management Software Arbitrary File Upload Vulnerability Plug-in.
5. Update Apache Struts2 S2-032 Remote Code Execution Vulnerability (CVE-2016-3081) Plug-in.
6. Update Apache Struts2 S2-033 Remote Code Execution Vulnerability (CVE-2016-3087) Plug-in.
7. Update ThinkPHP 5.x request.php Variable Overwrite Remote Code Execution Vulnerability Plug-in.
8. Update Apache Struts2 S2-045 Remote Code Execution Vulnerability (CVE-2017-5638) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-10-29 17:32:03
Name: rsas-vulweb-V6.0R02F00.1902.dat Version:6.0.19.2
MD5:fa9eb1adaef9542f2756a1d14a783c63 Size:468.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1901 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1901 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1902 .

The upgrade package includes the following updates:
1. Add vulnerability verification plug-ins (The vulnerability verification function can work only in V6.0R04F00 and later).

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-10-25 23:43:55
Name: rsas-vulweb-V6.0R02F00.1901.dat Version:6.0.19.1
MD5:a18845c0f2069a3fd26e65bf4535d0b2 Size:2.36M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1900 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1900 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1901 .

The upgrade package includes the following updates:
1. Add Django GIS SQL Injection Vulnerability (CVE-2020-9402) Plug-in.
2. Add Detection of the Web Service of Moxa Networking Devices Plug-in.
3. Add Detection of an Unauthorized Access Vulnerability on the Web-based Manager of Moxa MGate Plug-in.
4. Add Detection of an Unauthorized Access Vulnerability on the Web-based Manager of CanHigher NC600 Plug-in.
5. Update Detection of Weak Password on Target Web Application Form Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-10-19 10:10:13
Name: rsas-vulweb-V6.0R02F00.1900.dat Version:6.0.19.0
MD5:1a1a838f3bca7f2bcb4de9e39eb938b2 Size:2.51M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.18* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1900 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.1801.dat to rsas-vulweb-V6.0R02F00.1817.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-09-30 21:40:08
Name: rsas-vulweb-V6.0R02F00.1817.dat Version:6.0.18.17
MD5:1c4da5a68d418c1c755b7518fda57493 Size:496.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1816 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1816 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1817 .

The upgrade package includes the following updates:
1. Add FastAdmin Front Desk Member Center Arbitrary Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-09-22 18:23:39
Name: rsas-vulweb-V6.0R02F00.1816.dat Version:6.0.18.16
MD5:326e188e5362b31d2c0390c37036e594 Size:475.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1815 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1815 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1816 .

The upgrade package includes the following updates:
1. Add Yii2 Deserialization Remote Code Execution Vulnerability (CVE-2020-15148) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-09-20 14:06:38
Name: rsas-vulweb-V6.0R02F00.1815.dat Version:6.0.18.15
MD5:01c96b9ea3fa56a03f99e07cdb054782 Size:601.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1814 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1814 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1815 .

The upgrade package includes the following updates:
1. Add WebLogic Arbitrary File Upload Vulnerability (CVE-2018-2894) Plug-in.
2. Add WebLogic IIOP Deserialization Vulnerability (CVE-2020-2551) Plug-in.
3. Add Jenkins Arbitrary File Read Vulnerability (CVE-2018-1999002) Plug-in.
4. Update Apache Solr Remote Code Execution Vulnerability (CVE-2019-0193) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-09-18 20:43:28
Name: rsas-vulweb-V6.0R02F00.1814.dat Version:6.0.18.14
MD5:573db67af993c4c81c71b941f808a966 Size:478.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1813 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1813 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1814 .

The upgrade package includes the following updates:
1. Add Office Anywhere delete_cascade.php SQL Injection Vulnerability Plug-in.
2. Add Office Anywhere print.php Arbitrary File Deletion Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-09-14 18:06:20
Name: rsas-vulweb-V6.0R02F00.1813.dat Version:6.0.18.13
MD5:0686fe63ce490452459c67ced936d47e Size:511.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1812 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1812 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1813 .

The upgrade package includes the following updates:
1. Add Leagsoft UniNID Arbitrary File Upload Vulnerability Plug-in.
2. Add Weaver E-cology OA System SQL Injection Vulnerability Plug-in.
3. Add Wrdtech WebVPN Command Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-09-13 17:30:32
Name: rsas-vulweb-V6.0R02F00.1812.dat Version:6.0.18.12
MD5:7c992f74593c3300cfa0624c672d3be9 Size:497.9K
Description:

本升级包为web插件升级包,支持的web插件版本为V6.0R02F00.1811。升级包为增量升级包,升级后系统版本不变,web插件版本变更为V6.0R02F00.1812。

该升级包包含的变动有:
1. 增加泛微云桥e-bridge任意文件读取漏洞扫描插件。

注意事项:
1. 本升级包升级完成后自动重启引擎生效,升级过程中可能会影响正在使用的功能,请选择在合适的时间进行升级。]]></description>
<description lang="en_US"><![CDATA[
This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1811 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1811 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1812 .

The upgrade package includes the following updates:
1. Add E-bridge Arbitrary File Reading Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-09-12 18:51:22
Name: rsas-vulweb-V6.0R02F00.1811.dat Version:6.0.18.11
MD5:313503a6edfdda22120cd2bc737ee1ca Size:504.2K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1810 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1810 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1811 .

The upgrade package includes the following updates:
1. Add Apache DolphinScheduler Permission Overwrite Vulnerability(CVE-2020-13922) Plug-in.
2. Add Yongyou GRP-U8 Remote Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-09-12 14:10:53
Name: rsas-vulweb-V6.0R02F00.1810.dat Version:6.0.18.10
MD5:7c3cbb55b1a74d9ba90d49c70ebf21e6 Size:473.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1809 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1809 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1810 .

The upgrade package includes the following updates:
1. Add SANGFOR Endpoint Detection Response (EDR) Arbitrary Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-09-11 13:50:16
Name: rsas-vulweb-V6.0R02F00.1809.dat Version:6.0.18.9
MD5:aa91b83223df3885c0c707fa0eac4abd Size:507.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1808 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1808 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1809 .

The upgrade package includes the following updates:
1. Add BT-Panel Database Management Unauthorized Access Vulnerability Plug-in.
2. Update WordPress Pingback Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.]

Release Time:2020-09-04 15:23:45
Name: rsas-vulweb-V6.0R02F00.1808.dat Version:6.0.18.8
MD5:272e725666f60c4b8dc9581ab910cde8 Size:2.29M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1807 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1807 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1808 .

The upgrade package includes the following updates:
1. Add SANGFOR Endpoint Detection Response (EDR) Arbitrary User Login Vulnerability Plug-in.
2. Add Apache Shiro RememberMe Parameter Key Enumeration Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-08-21 18:03:36
Name: rsas-vulweb-V6.0R02F00.1807.dat Version:6.0.18.7
MD5:b22bcd52220dad1abac66ae497f8f452 Size:492.2K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1806 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1806 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1807 .

The upgrade package includes the following updates:
1. Add SANGFOR EDR Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-08-18 18:11:03
Name: rsas-vulweb-V6.0R02F00.1806.dat Version:6.0.18.6
MD5:7b584e00ab69f1de8cef26bb6a8275a3 Size:471.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1805 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1805 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1806 .

The upgrade package includes the following updates:
1. Add Office Anywhere retrieve_pwd.php SQL injection Vulnerability Plug-in.
2. Add Office Anywhere upload.php Arbitrary File Upload Vulnerability Plug-in.
3. Add Office Anywhere getdata.php Arbitrary File Upload Vulnerability Plug-in.
4. Add Office Anywhere upload.php Arbitrary File Delete Vulnerability Plug-in.
5. Add Office Anywhere second_tabs.php File Inclusion Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-08-17 21:02:04
Name: rsas-vulweb-V6.0R02F00.1805.dat Version:6.0.18.5
MD5:f184e7d58ccf752727bd4457bc255ebe Size:463.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1804 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1804 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1805 .

The upgrade package includes the following updates:
1. Add Apache Struts 2 S2-059 Remote Code Execution Vulnerability (CVE-2019-0230) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-08-14 20:07:02
Name: rsas-vulweb-V6.0R02F00.1804.dat Version:6.0.18.4
MD5:88e6debc6a6664215595e4327af9a895 Size:473.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1803 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1803 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1804 .

The upgrade package includes the following updates:
1. Update Apache Struts 2 S2-057 Remote Code Execution Vulnerability (CVE-2018-11776) Plug-in.
2. Update WebLogic Java Unserialize Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-08-08 11:18:38
Name: rsas-vulweb-V6.0R02F00.1803.dat Version:6.0.18.3
MD5:9d57d115bd75e5654c8249b29b190533 Size:1.20M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1802 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1802 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1803 .

The upgrade package includes the following update:
1. Add WebLogic Deserialization Remote Code Execution Vulnerability (CVE-2020-14645) Plug-in.
2. Add Spring Boot Actuator Unauthorized Access Plug-in.
3. Add Apache Shiro RememberMe 1.2.4 Deserialization Process Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-07-24 13:51:02
Name: rsas-vulweb-V6.0R02F00.1802.dat Version:6.0.18.2
MD5:b15cbef8573bd0576fe37707b687c006 Size:576.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1801 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1801 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1802 .

The upgrade package includes the following update:
1. Add Apache Dubbo Remote Code Execution Vulnerability (CVE-2020-1948) Plug-in.
2. Add Apache Dubbo Remote Code Execution Vulnerability (CVE-2020-1948) Patch Bypass Plug-in.
3. Add Apache Struts 2 S2-012 Remote Code Execution Vulnerability (CVE-2013-1965) Plug-in.
4. Add Apache Struts 2 S2-015 Remote Code Execution Vulnerability (CVE-2013-2134) Plug-in.
5. Add Apache Struts 2 S2-055 Jackson Deserialization Vulnerability (CVE-2017-7525) Plug-in.
6.Update Possible Slow HTTP Denial-of-Service Attack Detected on Target Hosts Plug-in.
7.Update Fastjson Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-07-10 21:29:38
Name: rsas-vulweb-V6.0R02F00.1801.dat Version:6.0.18.1
MD5:6f323426da09fea83f8b7622f13c14fe Size:459.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1800 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1800 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1801 .

The upgrade package includes the following update:
1. Add F5 BIG-IP TMUI Remote Code Execution Vulnerability(CVE-2020-5902) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-07-06 14:22:41
Name: rsas-vulweb-V6.0R02F00.1800.dat Version:6.0.18.0
MD5:29a0f786eae208c22068c48be3a001bd Size:1.33M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.17* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1800 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.1701.dat to rsas-vulweb-V6.0R02F00.1709.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-07-01 18:12:39
Name: rsas-vulweb-V6.0R02F00.1709.dat Version:6.0.17.9
MD5:c32879d243e1b7a87aca6d738e74da42 Size:487.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1708 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1708 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1709 .

The upgrade package includes the following update:
1. Add TRS WCM Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-06-22 16:34:57
Name: rsas-vulweb-V6.0R02F00.1708.dat Version:6.0.17.8
MD5:f9b72a40e3c521b265714b3dc0140e99 Size:547.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1707 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1707 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1708 .

The upgrade package includes the following updates:
1. Add ApereoCAS 4.1.X Default Key Deserialization Vulnerability Plug-in.
2. Add Hessian Deserialization Remote Code Execution Vulnerability Plug-in.
3. Add Detection of Absence of the Content-Security-Policy Header on the Target Plug-in.
4. Add Detection of Absence of the X-Content-Type-Options Header on the Target Plug-in.
5. Add Detection of Absence of the X-XSS-Protection Header on the Target Plug-in.
6. Add Detection of Client (JavaScript) Cookie Reference on the Target URL Plug-in.
7. Update Fastjson Unserialize Remote Code Execution Vulnerability (CNVD-2020-30827) Plug-in.
8. Update Detection of Weak Password on Target Web Application Form Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-06-20 21:36:21
Name: rsas-vulweb-V6.0R02F00.1707.dat Version:6.0.17.7
MD5:49ef64c276270ddaea365656368ccaa5 Size:464.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1706 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1706 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1707 .

The upgrade package includes the following update:
1. Add Fastjson Unserialize Remote Code Execution Vulnerability (CNVD-2020-30827) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-06-12 14:26:29
Name: rsas-vulweb-V6.0R02F00.1706.dat Version:6.0.17.6
MD5:3c5ad2d74edd74125708fdfe2a302b7c Size:519.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1705 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1705 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1706 .

The upgrade package includes the following updates:
1. Add Apache ActiveMQ Web Console Unauthorized Access Vulnerability Plug-in.
2. Add Apache ActiveMQ Fileserver Arbitrary File Upload Vulnerability (CVE-2016-3088) Plug-in.
3. Add Apache ActiveMQ Fileserver Remote Code Execution Vulnerability (CVE-2016-3088) Plug-in.
4. Add Apache ActiveMQ OpenWire Protocol Information Disclosure Vulnerability (CVE-2017-15709) Plug-in.
5. Add Apache ActiveMQ Directory Traversal Vulnerability (CVE-2015-1830) Plug-in.
6. Add Apache Hadoop YARN Resource Manager REST API Unauthorized Access Vulnerability Plug-in.
7. Update Detection of Slow HTTP Denial-of-Service Attack on Target Host Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-06-05 15:31:57
Name: rsas-vulweb-V6.0R02F00.1705.dat Version:6.0.17.5
MD5:33a26854774440d78af459445eb5a380 Size:665.6K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1704 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1704 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1705 .

The upgrade package includes the following updates:
1. Add Adobe ColdFusion Deserialization Security Vulnerability (CVE-2017-3066) Plug-in.
2. Add Apache Flex BlazeDS AMF Deserialization Vulnerability (CVE-2017-5641) Plug-in.
3. Add Apache ActiveMQ Deserialization Vulnerability (CVE-2015-5254) Plug-in.
4. Add Detection of Hidden Links in the Target URL Plug-in.
5. Update Apache Flex BlazeDS XML External Entity Vulnerability (CVE-2015-3269) Plug-in.
6. Update Detection of Slow HTTP Denial-of-Service Attack on Target Host Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-05-22 19:04:30
Name: rsas-vulweb-V6.0R02F00.1704.dat Version:6.0.17.4
MD5:6804e5a93ac3c36e689f0fc88a99fa7f Size:442.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1703 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1703 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1704 .

The upgrade package includes the following update:
1. Add Adobe LiveCycle Data Services XXE Vulnerability(CVE-2015-3269) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-05-10 12:12:35
Name: rsas-vulweb-V6.0R02F00.1703.dat Version:6.0.17.3
MD5:243caa983e7c2fdb30f0ceb76d8f70a3 Size:670.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1702 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1702 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1703 .

The upgrade package includes the following updates:
1. Add Office Anywhere Frontend Arbitrary User Impersonation Login Vulnerability Plug-in.
2. Add Office Anywhere Arbitrary File Inclusion Vulnerability Plug-in.
3. Add Fastjson Prior to 1.2.68 Remote Code Execution Vulnerability Plug-in.
4. Add Fastjson Prior to 1.2.67 Remote Code Execution Vulnerability Plug-in.
5. Update Detection of Weak Password on Target Web Application Form Plug-in.
6. Update SQL Injection Login Restriction Bypass Vulnerability on Target Website Plug-in.
7. Update KindEditor File Upload Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-05-09 09:40:41
Name: rsas-vulweb-V6.0R02F00.1702.dat Version:6.0.17.2
MD5:6949357398bd84db785f888bb6d784d8 Size:841.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1701 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1701 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1702 .

The upgrade package includes the following updates:
1. Add WebLogic T3 Remote Code Execution Vulnerability (CVE-2020-2884) Plug-in.
2. Add WebLogic T3 Remote Code Execution Vulnerability (CVE-2020-2883) Plug-in.
3. Update ElasticSearch Remote Code Execution Vulnerability Plug-in.
4. Update Unauthorized Access Detected to Target MongoDB Database Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-04-24 16:38:52
Name: rsas-vulweb-V6.0R02F00.1701.dat Version:6.0.17.1
MD5:593e6e5406d0a43ad6697df657736d8c Size:541.6K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1700 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1700 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1701 .

The upgrade package includes the following updates:
1. Add Office Anywhere Arbitrary File Upload Vulnerability Plug-in.
2. Add Office Anywhere Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-04-10 16:59:42
Name: rsas-vulweb-V6.0R02F00.1700.dat Version:6.0.17.0
MD5:8012f6aa1aab5ec78f38973911155903 Size:689.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.16* . This upgrade package is a merged upgrade package . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1700 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.1601.dat to rsas-vulweb-V6.0R02F00.1607.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-04-10 10:10:19
Name: rsas-vulweb-V6.0R02F00.1607.dat Version:6.0.16.7
MD5:f6aedc9f59b0c8cc04e9cb752a3529f5 Size:507.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1606 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1606 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1607 .

The upgrade package includes the following updates:
1.Update Malicious Code Exists on the Page Plug-in.
2.Update Detection of Relative Path Overwrite Vulnerability in Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-03-21 15:25:29
Name: rsas-vulweb-V6.0R02F00.1606.dat Version:6.0.16.6
MD5:fab6535c69eefcd5851b1b98630bc16f Size:444.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1605 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1605 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1606 .

The upgrade package includes the following updates:
1.Add Weblogic Coherence Deserialization Remote Code Execution Vulnerability (CVE-2020-2555) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-03-13 17:44:44
Name: rsas-vulweb-V6.0R02F00.1605.dat Version:6.0.16.5
MD5:0e48e4261ed15758b9df1d926610ab57 Size:515.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1604 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1604 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1605 .

The upgrade package includes the following updates:
1.Add Fastjson Remote Code Execution Vulnerability (CVE-2020-8840) Plug-in.
2.Update Apache Tomcat File Include Vulnerability (CVE-2020-1938) Plug-in.
3.Update Session Cookies Detected to Be Without Secure Attribute Plug-in.
4.Update SQL Injection Vulnerability Detected on Target URL Plug-in.
5.Update Detection of Weak Password on Target Web Application Form Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-03-06 23:31:42
Name: rsas-vulweb-V6.0R02F00.1604.dat Version:6.0.16.4
MD5:3f51230e1f4d5e0c3def1e2df4947d91 Size:446.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1603 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1603 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1604 .

The upgrade package includes the following updates:
1.Update Apache Tomcat File Include Vulnerability(CVE-2020-1938) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-02-21 20:07:28
Name: rsas-vulweb-V6.0R02F00.1603.dat Version:6.0.16.3
MD5:ddca8d7897b186b34094d4438c210b46 Size:495.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1602 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1602 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1603 .

The upgrade package includes the following updates:
1. Add Apache Tomcat File Include Vulnerability(CVE-2020-1938) Plug-in.
2. Update Drupal Remote Code Execution Vulnerability (CVE-2018-7600) Plug-in.
3. Update Detection of JavaScript Framework/Library Vulnerability in Target Website Plug-in.
4. Update jQuery Cross-Site Scripting Vulnerability Plug-in.
5. Update Detection of CSRF Vulnerability on Target Website Plug-in.
6. Update Session Cookies Detected to Be Without Secure Attribute Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-02-21 06:43:00
Name: rsas-vulweb-V6.0R02F00.1602.dat Version:6.0.16.2
MD5:07b752f4a254e848bf92cd405931b3c5 Size:439.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1601 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1601 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1602 .

The upgrade package includes the following updates:
1. Update allowscriptaccess of Flash Detected to Be always Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-02-07 18:09:03
Name: rsas-vulweb-V6.0R02F00.1601.dat Version:6.0.16.1
MD5:8a699f78438862031e594cab30375c1a Size:498.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1600 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1600 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1601 .

The upgrade package includes the following updates:
1. Update Account Files Detected on Target Website Plug-in.
2. Update SNMP Weak Password Sensitive Information Disclosure Plug-in.
3. Update Detection of Anonymous Access to Target FTP Service Plug-in.
4. Update CouchDB Unauthorized Access System Command Execution Plug-in.
5. Update Detection of Unauthorized Access Vulnerability in Target Solr Plug-in.
6. Update WebLogic Java Unserialize Remote Code Execution Vulnerability Plug-in.
7. Update WebSphere Java Unserialize Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2020-01-17 18:03:37
Name: rsas-vulweb-V6.0R02F00.1600.dat Version:6.0.16.0
MD5:5f53d255938e7af8a7e5bdb48f3f80d8 Size:34.75M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.15* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1600 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.1501.dat to rsas-vulweb-V6.0R02F00.1505.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-12-31 22:41:42
Name: rsas-vulweb-V6.0R02F00.1505.dat Version:6.0.15.5
MD5:faa596126b72d45496764c5c2a3a8e44 Size:482.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1504 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1504 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1505 .

The upgrade package includes the following updates:
1. Add Detection of Relative Path Overwrite Vulnerability in Target URL Plug-in.
2. Update Detection of Brue-Force Attack on Forms of Target Web Application Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-12-20 17:26:58
Name: rsas-vulweb-V6.0R02F00.1504.dat Version:6.0.15.4
MD5:9a00437242f29bc211ddaaea93b5010f Size:443.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1503 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1503 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1504 .

The upgrade package includes the following updates:
1. Update the solution for fixing ClickJacking: X-Frame-Options Not Configured.
2. Update Detection of Identity Card Numbers Leakage on Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-12-08 19:39:34
Name: rsas-vulweb-V6.0R02F00.1503.dat Version:6.0.15.3
MD5:1638a787c3b19b2c9542b553c931f9c2 Size:480.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1502 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1502 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1503 .

The upgrade package includes the following update:
1. Add Apache Flink Arbitrary JAR Package Upload Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-11-23 20:28:12
Name: rsas-vulweb-V6.0R02F00.1502.dat Version:6.0.15.2
MD5:10efadf556914038c995982f7da50dc5 Size:34.63M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1501 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1501 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1502 .

The upgrade package includes the following updates:
1. Add Apache Solr Velocity Module Remote Command Execution Vulnerability Plug-in.
2. Add UEditor Arbitrary File Upload Vulnerability Plug-in.
3. Add Detection of UEditor Editor on Target Website Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-11-08 17:10:04
Name: rsas-vulweb-V6.0R02F00.1501.dat Version:6.0.15.1
MD5:9740906577adb8d01e6a9443fb4f9a3a Size:531.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1500 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1500 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1501 .

The upgrade package includes the following updates:
1. Add phpStudy Backdoor Arbitrary Code Execution Vulnerability Plug-in.
2. Update Fastjson Remote Code Execution Vulnerability Plug-in.
3. Update SQL Injection Vulnerability Detected on Target URL Plug-in.
4. Update XSS Vulnerability Detected On Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-10-21 09:55:48
Name: rsas-vulweb-V6.0R02F00.1500.dat Version:6.0.15.0
MD5:5db201c23e2422a5690020dd3e1f967d Size:585.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.14* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1500 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.1401.dat to rsas-vulweb-V6.0R02F00.1407.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-09-27 16:38:34
Name: rsas-vulweb-V6.0R02F00.1407.dat Version:6.0.14.7
MD5:0dc819a822901d5d6097681c10b28ed7 Size:433.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1406. This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1406. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1407.

The upgrade package includes the following update:
1. Add E-Cology OA System Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.]

Release Time:2019-09-21 23:04:38
Name: rsas-vulweb-V6.0R02F00.1406.dat Version:6.0.14.6
MD5:afaf13b8d999e1ef7423631b94df4ea4 Size:441.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1405. This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1405. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1406.

The upgrade package includes the following update:
1. Update Microsoft Windows MHTML Script Code Injection Vulnerability (MS11-026) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-09-21 23:03:18
Name: rsas-vulweb-V6.0R02F00.1405.dat Version:6.0.14.5
MD5:97584bf46996f6788ab2b2a925a0a5c7 Size:461.6K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1404. This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1404. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1405.

The upgrade package includes the following update:
1. Add Webmin Remote Command Execution Vulnerability (CVE-2019-15107) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-09-07 10:41:45
Name: rsas-vulweb-V6.0R02F00.1404.dat Version:6.0.14.4
MD5:719a401e47f4856fd02ab624f4a01b8e Size:432.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1403. This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1403. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1404.

The upgrade package includes the following update:
1. Update TLS Heartbeat Extension Pack Remote Information Disclosure Vulnerability (CVE-2014-0160) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-08-24 01:20:49
Name: rsas-vulweb-V6.0R02F00.1403.dat Version:6.0.14.3
MD5:228f130ae66789f64ac46c7d0fd1ed0d Size:440.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1402. This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1402. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1403.

The upgrade package includes the following update:
1. Add Apache Solr Remote Code Execution Vulnerability (CVE-2019-0193) Plug-in.
2. Add ProFTPd Arbitrary File Copy Vulnerability (CVE-2019-12815) Plug-in.
3. Add Jackson-databind Remote Code Execution Vulnerability (CVE-2019-12384) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-08-09 22:53:30
Name: rsas-vulweb-V6.0R02F00.1402.dat Version:6.0.14.2
MD5:bf0920620a5f6e24baa6aac6392e51e7 Size:452.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1401. This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1401. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1402.

The upgrade package includes the following update:
1. Add Jira Template Injection Remote Code Execution Vulnerability(CVE-2019-11581) Plug-in.
2. Add Fastjson Remote Code Execution Vulnerability Plug-in.
3. Update Link Injection Vulnerability Detected in Target URL Plug-in.
4. Update Frame Injection Vulnerability Detected in Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-07-19 18:36:31
Name: rsas-vulweb-V6.0R02F00.1401.dat Version:6.0.14.1
MD5:4839d6991470a101b30dcf49aa9be560 Size:446.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1400. This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1400. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1401.

The upgrade package includes the following update:
1. Add Confluence Directory Traversal and Remote Code Execution Vulnerabilities (CVE-2019-3396) Plug-in.
2. Update ThinkPHP 5.x request.php Variable Overwrite Remote Code Execution Vulnerability Plug-in.
3. Update Detection of Source Code Disclosure in the Target Website Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-07-05 18:16:24
Name: rsas-vulweb-V6.0R02F00.1400.dat Version:6.0.14.0
MD5:3bb3b2cc81a6aca7abfb02b5d51a47fd Size:612.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.13* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1400 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.1301.dat to rsas-vulweb-V6.0R02F00.1311.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-07-02 11:46:53
Name: rsas-vulweb-V6.0R02F00.1311.dat Version:6.0.13.11
MD5:101467c0723ee3c414cc15434ae60208 Size:438.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1310 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1310 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1311 .

The upgrade package includes the following updates:
1. Update Frame Injection Vulnerability Detected in Target URL Plug-in.
2. Update Clickjacking: X-Frame-Options Not Configured Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-06-21 18:14:29
Name: rsas-vulweb-V6.0R02F00.1310.dat Version:6.0.13.10
MD5:8ac36bde46091f9e5268e09daff15ae2 Size:430.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1309 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1309 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1310 .

The upgrade package includes the following updates:
1. Add WebLogic Deserialization Remote Code Execution Vulnerability(CVE-2019-2725 Patch Bypass) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-06-16 22:54:33
Name: rsas-vulweb-V6.0R02F00.1309.dat Version:6.0.13.9
MD5:08081c7b7434d4c19319e8fd33a6b9e4 Size:417.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1308 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1308 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1309 .

The upgrade package includes the following updates:
1. Update Session Cookies Detected to Be Without Secure Attribute Plug-in.
2. Update Session Cookies Detected to Be Without HttpOnly Attribute Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-06-06 23:49:19
Name: rsas-vulweb-V6.0R02F00.1308.dat Version:6.0.13.8
MD5:b61ee9bada7f07e2196e5c91d0caae26 Size:424.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1307 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1307 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1308 .

The upgrade package includes the following updates:
1. Add WebLogic Blind XML External Entity (XEE) Vulnerability (CVE-2019-2648) Plug-in.
2. Add WebLogic Blind XML External Entity (XEE) Vulnerability (CVE-2019-2649) Plug-in.
3. Add WebLogic Blind XML External Entity (XEE) Vulnerability (CVE-2019-2650) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-05-24 22:01:19
Name: rsas-vulweb-V6.0R02F00.1307.dat Version:6.0.13.7
MD5:2c985cea220745fdb4280ba71890f08e Size:491.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1306 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1306 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1307 .

The upgrade package includes the following updates:
1. Update the risk score for some vulnerabilities.
2. Update the CVSS score for some vulnerabilities.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-05-16 09:35:58
Name: rsas-vulweb-V6.0R02F00.1306.dat Version:6.0.13.6
MD5:2e85dd542eff1890eb2dcb2d8320bc14 Size:481.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1305 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1305 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1306 .

The upgrade package includes the following updates:
1. Update SQL Injection Vulnerability Detected on Target URL Plug-in.
2. Update Detection of Weak Password on Target Web Application Form Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-05-13 10:32:03
Name: rsas-vulweb-V6.0R02F00.1305.dat Version:6.0.13.5
MD5:856d4247a6d2f74191b51093d97fe2c9 Size:481.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1304 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1304 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1305 .

The upgrade package includes the following update:
1. Update WebLogic Deserialization Remote Code Execution Vulnerability (CVE-2019-2725) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-05-01 19:51:23
Name: rsas-vulweb-V6.0R02F00.1304.dat Version:6.0.13.4
MD5:17a1caef77359c9aeaafbf26e5c0a57a Size:426.6K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1303 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1303 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1304 .

The upgrade package includes the following update:
1. Update WebLogic wls9-async Component Deserialization Remote Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-04-22 11:54:30
Name: rsas-vulweb-V6.0R02F00.1303.dat Version:6.0.13.3
MD5:cec52b76b0f52e19e8cd2ee4a3e8361f Size:425.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1302 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1302 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1303 .

The upgrade package includes the following update:
1. Add WebLogic wls9-async Component Deserialization Remote Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-04-20 17:07:22
Name: rsas-vulweb-V6.0R02F00.1302.dat Version:6.0.13.2
MD5:bbaa6a9992efc91f2f71ac00ea751fc9 Size:463.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1301 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1301 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1302 .

The upgrade package includes the following updates:
1. Add WebLogic Blind XML External Entity (XEE) Vulnerability (CVE-2019-2647) Plug-in.
2. Update WebSphere Java Unserialize Remote Code Execution Vulnerability Plug-in.
3. Update SQL Injection Vulnerability Detected on Target URL Plug-in.
4. Update ThinkPHP 5.0.x and 5.1.x Improper Controller Filtering Remote Code Execution Vulnerability Plug-in.
5. Update ThinkPHP 5.x request.php Variable Overwrite Remote Code Execution Vulnerability Plug-in.
6. Update WebDAV Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-04-19 23:17:14
Name: rsas-vulweb-V6.0R02F00.1301.dat Version:6.0.13.1
MD5:55dc750df57fd356aeccead3823ab985 Size:420.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1300 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1300 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1301 .

The upgrade package includes the following update:
1. Update TLS Heartbeat Extension Pack Remote Information Disclosure Vulnerability (CVE-2014-0160) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-04-04 16:39:04
Name: rsas-vulweb-V6.0R02F00.1300.dat Version:6.0.13.0
MD5:05bc16b7cfac3dcdcf1db4eac0650cf1 Size:551.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.12*. This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1300.

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.1201.dat to rsas-vulweb-V6.0R02F00.1206.dat.

Notes:
1.When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-03-29 18:54:51
Name: rsas-vulweb-V6.0R02F00.1206.dat Version:6.0.12.6
MD5:c598220a5789824a35dfe08bea121159 Size:514.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1205. This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1205. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1206.

The upgrade package includes the following update:
1.Update SQL Injection Vulnerability Detected on Target URL Plug-in;
2.Update System Command Injection Vulnerability Detected in Target URL Plug-in;
3.Update Arbitrary File Access Vulnerability Detected on Target Host Plug-in.

Notes:
1.When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-03-22 18:54:36
Name: rsas-vulweb-V6.0R02F00.1205.dat Version:6.0.12.5
MD5:93b4b91faebd356f8d339eda0d406b57 Size:435.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1204. This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1204. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1205.

The upgrade package includes the following update:
1.Add KindEditor File Upload Vulnerability Plug-in;
2.Add Drupal Remote Code Execution Vulnerability (CVE-2019-6340) Plug-in;
3.Update Microsoft Windows MHTML Script Code Injection Vulnerability (MS11-026) Plug-in.

Notes:
1.When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-03-08 13:40:51
Name: rsas-vulweb-V6.0R02F00.1204.dat Version:6.0.12.4
MD5:28320dc69f30802e5f127c80e68553cc Size:429.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1203. This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1203. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1204.

The upgrade package includes the following update:
1.Update ThinkPHP 5.0.x and 5.1.x Improper Controller Filtering Remote Code Execution Vulnerability Plug-in;
2.Update Local File Inclusion Vulnerability on Target Website Plug-in.

Notes:
1.When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-02-22 18:27:14
Name: rsas-vulweb-V6.0R02F00.1203.dat Version:6.0.12.3
MD5:955fa26ebe946b79bf08d9fb100d5746 Size:414.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1202. This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1202. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1203.

The upgrade package includes the following update:
1.Update WebLogic wls-wsat Component Remote Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-01-26 14:04:31
Name: rsas-vulweb-V6.0R02F00.1202.dat Version:6.0.12.2
MD5:562c8ea0083f55721ae998ebefdc9917 Size:441.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1201 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1202 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1202.

The upgrade package includes the following update:
1.Update ThinkPHP 5.0.x and 5.1.x Improper Controller Filtering Remote Code Execution Vulnerability Plug-in;
2.Update WebLogic wls-wsat Component Remote Command Execution Vulnerability Plug-in;
3.Add ThinkPHP 5.x request.php Variable Overwrite Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-01-18 23:05:52
Name: rsas-vulweb-V6.0R02F00.1201.dat Version:6.0.12.1
MD5:0a05ea15cdb5f234a33b5595f9f7c1a1 Size:415.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1200 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1200 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1201 .

The upgrade package includes the following update:
1. Update ThinkPHP 5.x Remote Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2019-01-04 20:19:32
Name: rsas-vulweb-V6.0R02F00.1200.dat Version:6.0.12.0
MD5:303d66d14394bc950ee0a4e0d15fbb4c Size:582.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.11* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1200 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.1101.dat to rsas-vulweb-V6.0R02F00.1105.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-12-29 11:02:21
Name: rsas-vulweb-V6.0R02F00.1105.dat Version:6.0.11.5
MD5:5d5b1776c17a88e4001e3a62782c7e77 Size:421.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1104 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1104 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1105 .

The upgrade package includes the following updates:
1. Add ThinkPHP 5.x Remote Command Execution Vulnerability Plug-in.
2. Update Permanent Cookies Detected in Target Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-12-21 15:52:57
Name: rsas-vulweb-V6.0R02F00.1104.dat Version:6.0.11.4
MD5:66d94d354aa5c926a748d0d95ad0d3d8 Size:430.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1103 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1103 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1104 .

The upgrade package includes the following updates:
1. Update IIS Location Information Disclosure Plug-in.
2. Update Detection of Weak Password on Target Web Application Form Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-12-07 16:56:01
Name: rsas-vulweb-V6.0R02F00.1103.dat Version:6.0.11.3
MD5:b16db2c187c60a556ae4b7edb3795fba Size:518.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1102 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1102 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1103 .

The upgrade package includes the following update:
1. Update SQL Injection Vulnerability Detected on Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-11-23 16:33:41
Name: rsas-vulweb-V6.0R02F00.1102.dat Version:6.0.11.2
MD5:2571ef8d73783082d708d0ca57b4dd53 Size:476.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1101 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1101 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1102 .

The upgrade package includes the following updates:
1. Update SQL Injection Vulnerability Detected on Target URL Plug-in.
2. Update WebLogic Java Unserialize Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-11-02 22:13:12
Name: rsas-vulweb-V6.0R02F00.1101.dat Version:6.0.11.1
MD5:55939521f061ba43f1c21a2b8ce3067c Size:429.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1100 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1100 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1101 .

The upgrade package includes the following updates:
1. Add WebLogic Remote Code Execution Vulnerability (CVE-2018-3191) Plug-in.
2. Add WebLogic Remote Code Execution Vulnerability (CVE-2018-3245) Plug-in.
3. Add PHPCMS 2008 yp/web/index.php Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-10-18 20:48:37
Name: rsas-vulweb-V6.0R02F00.1100.dat Version:6.0.11.0
MD5:db94edfb9f3519cd0f1d79f1e3ef7ae4 Size:493.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.10* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1100 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.1001.dat to rsas-vulweb-V6.0R02F00.1008.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-10-12 17:01:07
Name: rsas-vulweb-V6.0R02F00.1008.dat Version:6.0.10.8
MD5:99fbae5e8ec1c83db1ec0a1e7f69591a Size:419.6K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1007 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1007 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1008 .

The upgrade package includes the following updates:
1. Add Apache Struts2 S2-013 Remote Code Execution Vulnerability (CVE-2013-1966) Plug-in.
2. Add Apache Struts2 S2-014 Remote Code Execution Vulnerability (CVE-2013-2115) Plug-in.
3. Add JBoss Application Server EJBInvokerServlet/JMXInvokerServlet Remote Code Execution Vulnerability (CVE-2013-4810) Plug-in.
4. Update Apache Struts2 S2-019 Remote Code Execution Vulnerability (CVE-2013-4316) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-10-12 16:44:53
Name: rsas-vulweb-V6.0R02F00.1007.dat Version:6.0.10.7
MD5:5f07c77863ed37cf3b333cdd8cc3678d Size:438.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1006 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1006 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1007 .

The upgrade package includes the following updates:
1. Update XSS Vulnerability Detected On Target URL Plug-in.
2. Update Detection of Identity Card Numbers Leakage on Target URL Plug-in.
3. Update User Name or Password Detected in Target Web Application Login Form Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-09-21 17:55:21
Name: rsas-vulweb-V6.0R02F00.1006.dat Version:6.0.10.6
MD5:8778e5c96ce1213ca8c7fb0641b91bc6 Size:422.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1005 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1005 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1006

The upgrade package includes the following update:
1. Update Apache Struts 2 S2-057 Remote Code Execution Vulnerability (CVE-2018-11776) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-09-07 19:55:07
Name: rsas-vulweb-V6.0R02F00.1005.dat Version:6.0.10.5
MD5:04918b46e159a1c877c3d94e03ba77c3 Size:436.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1004 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1004 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1005 .

The upgrade package includes the following update:
1. Add Detection of Source Code Disclosure in the Target Website Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-08-31 18:03:14
Name: rsas-vulweb-V6.0R02F00.1004.dat Version:6.0.10.4
MD5:05242b5e3f8a98a59e0d505849d96401 Size:408.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1003 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1003 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1004 .

The upgrade package includes the following update:
1. Add Apache Struts2 S2-057 Remote Code Execution Vulnerability (CVE-2018-11776) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-08-23 19:00:34
Name: rsas-vulweb-V6.0R02F00.1003.dat Version:6.0.10.3
MD5:ac23045427726608c7ebe1df41abfbf2 Size:424.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1002 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1002 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1003 .

The upgrade package includes the following updates:
1. Update WebLogic wls-wsat Component Remote Command Execution Vulnerability Plug-in.
2. Update Clickjacking: X-Frame-Options Not Configured Plug-in.
3. Update Detection of JavaScript Framework/Library Vulnerability in Target Website Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-08-03 19:55:50
Name: rsas-vulweb-V6.0R02F00.1002.dat Version:6.0.10.2
MD5:cf45aa56ee1a6c57c1e2aa4e8124d6a1 Size:404.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1001 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1001 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1002 .

The upgrade package includes the following updates:
1. Update plug-in database and plug-in template.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-07-20 17:03:26
Name: rsas-vulweb-V6.0R02F00.1001.dat Version:6.0.10.1
MD5:6456ef4e715f04e48521e5abf2eb97c4 Size:419.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1000 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1000 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1001 .

The upgrade package includes the following update:
1. Update Local File Inclusion Vulnerability on Target Website Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-07-06 23:10:45
Name: rsas-vulweb-V6.0R02F00.1000.dat Version:6.0.10.0
MD5:3418ca92b0e96f253d973fe28964c3b3 Size:584.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.09* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1000 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.0901.dat to rsas-vulweb-V6.0R02F00.0907.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-06-30 15:15:47
Name: rsas-vulweb-V6.0R02F00.0907.dat Version:6.0.9.7
MD5:cf71be38602a5cf311a4c261dd3018eb Size:422.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0906 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0906 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0907 .

The upgrade package includes the following updates:
1. Update Apache Tomcat Installer Default Password Vulnerability Plug-in.
2. Update CmsEasy Improper Image Cropping GetShell Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-06-22 15:17:59
Name: rsas-vulweb-V6.0R02F00.0906.dat Version:6.0.9.6
MD5:39f6eb96574c5f363e4ecede06ebfa0e Size:529.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0905 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0905 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0906 .

The upgrade package includes the following updates:
1. Add Drupal Remote Code Execution Vulnerability (CVE-2018-7600) Plug-in.
2. Add Drupal Remote Code Execution Vulnerability (CVE-2017-6920) Plug-in.
3. Update Detection of Weak Password on Target Web Application Form Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-06-08 15:37:32
Name: rsas-vulweb-V6.0R02F00.0905.dat Version:6.0.9.5
MD5:d5aae6f39e8cb2dd80c3c4200d1d8050 Size:425.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0904 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0904 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0905 .

The upgrade package includes the following updates:
1. Update GNU Bash Environment Variable Remote Command Execution Vulnerability Plug-in.
2. Update Drupal Sections Module XSS Vulnerability Plug-in.
3. Update Drupal 7.15 Multiple Pages Physical Path Exposure Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-05-18 20:47:11
Name: rsas-vulweb-V6.0R02F00.0904.dat Version:6.0.9.4
MD5:531fd44063576b2af408faaeaacb15e0 Size:435.6K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0903 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0903 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0904 .

The upgrade package includes the following updates:
1. Update WebLogic Deserialization Remote Code Execution Vulnerability (CVE-2018-2628) Plug-in.
2. Update Apache Struts2 S2-045 Remote Code Execution Vulnerability Plug-in.
3. Update jQuery Cross-Site Scripting Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-05-04 22:42:30
Name: rsas-vulweb-V6.0R02F00.0903.dat Version:6.0.9.3
MD5:7b05a69b5ad7699d0bb95ba77021ed7e Size:422.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0902 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0902 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0903 .

The upgrade package includes the following updates:
1. Update WebLogic Deserialization Remote Code Execution Vulnerability (CVE-2018-2628) Plug-in.
2. Update Detection of Information Disclosure Vulnerability on Target JBoss Plug-in.
3. Update ElasticSearch Remote Code Execution Vulnerability Plug-in.
4. Update Detection of JavaScript Framework/Library Vulnerability in Target Website Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-04-18 18:09:30
Name: rsas-vulweb-V6.0R02F00.0902.dat Version:6.0.9.2
MD5:bd20d1c6423c851f59b0024c58771054 Size:414.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0901 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0901 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0902 .

The upgrade package includes the following update:
1. Add WebLogic Java Unserialize Remote Code Execution Vulnerability (CVE-2018-2628) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-04-18 03:20:48
Name: rsas-vulweb-V6.0R02F00.0901.dat Version:6.0.9.1
MD5:f25d627c57940a48b849b3ca5e20ab1b Size:419.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0900 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0900 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0901 .

The upgrade package includes the following updates:
1. Update Detection of Weak Password on Target Web Application Form Plug-in.
2. Update Database Connection File of Target Website Detected to Be Leaked Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-04-08 14:35:00
Name: rsas-vulweb-V6.0R02F00.0900.dat Version:6.0.9.0
MD5:53acebc5c93ee609d2e25ac9e8a6f6f7 Size:543.2K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.08* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0900 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.0801.dat to rsas-vulweb-V6.0R02F00.0805.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-03-30 16:30:45
Name: rsas-vulweb-V6.0R02F00.0805.dat Version:6.0.8.5
MD5:a25cb3d5a558e9dd960d3708f6fd2bec Size:448.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0804 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0804 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0805 .

The upgrade package includes the following updates:
1. Update Detection of Weak Password on Target Web Application Form Plug-in.
2. Update Detection of Brue-Force Attack on Forms of Target Web Application Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-03-26 14:56:59
Name: rsas-vulweb-V6.0R02F00.0804.dat Version:6.0.8.4
MD5:deb8219bd5799b1475e76577aea87e2a Size:468.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0803 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0803 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0804 .

The upgrade package includes the following updates:
1. Update Detection of JavaScript Framework/Library Vulnerability in Target Website Plug-in.
2. Update DOM-based XSS Vulnerability Detected on Target URL Plug-in.
3. Update Apache Struts2 Remote Code Execution Vulnerability (S2-046) Plug-in.
4. Update Spreadsheet Hidden Fields Manipulation Detected Plug-in.
5. Update allowNetworking of Flash Detected to Be Set to all Plug-in.
6. Update allowscriptaccess of Flash Detected to Be always Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-03-09 18:30:35
Name: rsas-vulweb-V6.0R02F00.0803.dat Version:6.0.8.3
MD5:aa64ff5a18716d6ab6601df05e97a7fc Size:474.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0802 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0802 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0803 .

The upgrade package includes the following updates:
1. Update Detection of Weak Password on Target Web Application Form Plug-in.
2. Update SQL Injection Login Restriction Bypass Vulnerability on Target Website Plug-in.
3. Update Detection of Brue-Force Attack on Forms of Target Web Application Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-02-02 17:38:06
Name: rsas-vulweb-V6.0R02F00.0802.dat Version:6.0.8.2
MD5:ff72db600215a545717e66b98f3570c5 Size:427.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0801 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0801 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0802 .

The upgrade package includes the following update:
1. Update Detection of Weak Password on Target Web Application Form Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-01-19 19:03:04
Name: rsas-vulweb-V6.0R02F00.0801.dat Version:6.0.8.1
MD5:c2e57052e37c0387721e6048644396fc Size:418.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0800 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0800 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0801 .

The upgrade package includes the following update:
1. Update Arbitrary File Access Vulnerability Detected on Target Host Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2018-01-05 18:52:15
Name: rsas-vulweb-V6.0R02F00.0800.dat Version:6.0.8.0
MD5:2363119b920df8a5740350846e470ddc Size:535.2K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.07* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0800 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.0701.dat to rsas-vulweb-V6.0R02F00.0705.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-12-29 11:33:14
Name: rsas-vulweb-V6.0R02F00.0705.dat Version:6.0.7.5
MD5:f591e8b86041b0283ebfd54649481c7a Size:417.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0704 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0704 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0705 .

The upgrade package includes the following updates:
1. Add WebLogic wls-wsat Component Remote Code Execution Vulnerability Plug-in.
2. Update Detection of JavaScript Framework/Library Vulnerability in Target Website Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-12-22 20:04:37
Name: rsas-vulweb-V6.0R02F00.0704.dat Version:6.0.7.4
MD5:462627ebe7dcfa4926bb970dd157ca20 Size:438.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0703 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0703 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0704 .

The upgrade package includes the following updates:
1. Add Detection of Bank Card Numbers Leakage on Target URL Plug-in.
2. Update System Command Injection Vulnerability Detected in Target URL Plug-in.
3. Update Apache Struts2 Prefix Parameters Remote Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-12-07 18:50:10
Name: rsas-vulweb-V6.0R02F00.0703.dat Version:6.0.7.3
MD5:d9060758d5ef65aa45f328151169a1f2 Size:452.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0702 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0702 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0703 .

The upgrade package includes the following updates:
1. Add Detection of JavaScript Framework/Library Vulnerability in Target Website Plug-in.
2. Add Detection of Identity Card Numbers Leakage on Target URL Plug-in.
3. Update HTTP Host Header Attack Vulnerability Detected in Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-11-24 16:31:43
Name: rsas-vulweb-V6.0R02F00.0702.dat Version:6.0.7.2
MD5:855a72015161a5383bd636987111a1b0 Size:422.2K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0701 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0701 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0702 .

The upgrade package includes the following updates:
1. Update plug-in database and plug-in template.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-11-03 18:06:31
Name: rsas-vulweb-V6.0R02F00.0701.dat Version:6.0.7.1
MD5:096ea3bff982120b770a8a35d6a6a18f Size:462.6K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0700 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0700 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0701 .

The upgrade package includes the following updates:
1. Add Spring Data REST Remote Code Execution Vulnerability (CVE-2017-8046) Plug-in.
2. Add Apache Struts2 Freemarker Tag Remote Code Execution Vulnerability (S2-053) Plug-in.
3. Add Apache Tomcat Information Disclosure Vulnerability (CVE-2017-12616) Plug-in.
4. Add Detection of the OPTIONS Method Enabled on Target Server Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-10-20 20:10:03
Name: rsas-vulweb-V6.0R02F00.0700.dat Version:6.0.7.0
MD5:e77a0481f74bf6da63c3d27b2f816445 Size:467.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.06* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0700 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.0601.dat to rsas-vulweb-V6.0R02F00.0608.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-09-28 15:06:43
Name: rsas-vulweb-V6.0R02F00.0608.dat Version:6.0.6.8
MD5:d9038466ce31419c46649dbeb79150e4 Size:400.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0607 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0607 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0608 .

The upgrade package includes the following update:
1. Add Apache Tomcat Remote Code Execution Vulnerability (CVE-2017-12615) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-09-22 17:53:57
Name: rsas-vulweb-V6.0R02F00.0607.dat Version:6.0.6.7
MD5:dece0d713d218e28b7a0810728b245d7 Size:411.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0606 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0606 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0607 .

The upgrade package includes the following updates:
1. Update User Name or Password Detected to Possibly Exist in Target Source Code Plug-in.
2. Update Detection of Slow HTTP Denial-of-Service Attack on Target Host Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-09-11 09:57:33
Name: rsas-vulweb-V6.0R02F00.0606.dat Version:6.0.6.6
MD5:7b18e5b28992f766c27d59b376dcb334 Size:395.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0605 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0605 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0606 .

The upgrade package includes the following update:
1. Add Apache Struts2 Rest Plugin Remote Code Execution Vulnerability (S2-052) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-09-06 16:46:11
Name: rsas-vulweb-V6.0R02F00.0605.dat Version:6.0.6.5
MD5:fc8e0d676428a3f40144743345f2aadd Size:401.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0604 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0604 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0605 .

The upgrade package includes the following update:
1. Update Apache Struts2 Remote Code Execution Vulnerability (S2-046) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-08-18 18:03:47
Name: rsas-vulweb-V6.0R02F00.0604.dat Version:6.0.6.4
MD5:bc44fee4a375147c756eef65ea4e6588 Size:401.6K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0603 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0603 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0604 .

The upgrade package includes the following updates:
1. Update Nginx %00 Byte Processing Remote Code Execution Vulnerability Plug-in.
2. Update HTTP Remote Code Execution Vulnerability (MS15-034) (CVE-2015-1635) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-08-04 17:28:53
Name: rsas-vulweb-V6.0R02F00.0603.dat Version:6.0.6.3
MD5:d77a9ef553c10fd6d112c6aab97bb19c Size:416.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0602 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0602 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0603 .

The upgrade package includes the following update:
1. Update Apache Struts2 Showcase Remote Code Execution Vulnerability (S2-048) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-07-21 16:55:50
Name: rsas-vulweb-V6.0R02F00.0602.dat Version:6.0.6.2
MD5:12ea980cea6d081adad8e5be9d784c5f Size:407.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0601 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0601 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0602 .

The upgrade package includes the following update:
1. Add Apache Struts2 Remote Code Execution Vulnerability (S2-048) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-07-08 01:19:40
Name: rsas-vulweb-V6.0R02F00.0601.dat Version:6.0.6.1
MD5:75dfafee61cf620b5d99907c016375e0 Size:444.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0600 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0600 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0601 .

The upgrade package includes the following updates:
1. Update OneCMS 2.4 (staff.php) Remote SQL Injection Vulnerability Plug-in.
2. Update OneCMS 2.4 (userreviews.php abc) Remote SQL Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-07-07 18:28:06
Name: rsas-vulweb-V6.0R02F00.0600.dat Version:6.0.6.0
MD5:0f7ffcd96c32e37c584c7dd93c30b5d8 Size:497.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.05* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0600 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.0501.dat to rsas-vulweb-V6.0R02F00.0509.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-06-30 21:15:07
Name: rsas-vulweb-V6.0R02F00.0509.dat Version:6.0.5.9
MD5:fcb6949e38b17a1eef5e118a93d5625d Size:405.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0508 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0508 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0509 .

The upgrade package includes the following update:
1. Update ElasticSearch Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-06-23 17:20:11
Name: rsas-vulweb-V6.0R02F00.0508.dat Version:6.0.5.8
MD5:062d207098d080e903ff8292a1469aff Size:403.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0507 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0507 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0508 .

The upgrade package includes the following update:
1. Add Zabbix Proxy Trapper remote code execute Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-06-16 18:14:19
Name: rsas-vulweb-V6.0R02F00.0507.dat Version:6.0.5.7
MD5:9d2cbd2e168f33157374bbd06b318e0a Size:423.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0506 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0506 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0507 .

The upgrade package includes the following updates:
1. Add Joomla 3.7.0 Core Component SQL Injection Vulnerability Plug-in.
2. Update Telephone Number Disclosure Detected in Target URL Plug-in.
3. Update Link Injection Vulnerability Detected in Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-06-09 18:03:30
Name: rsas-vulweb-V6.0R02F00.0506.dat Version:6.0.5.6
MD5:64947be821e976f7cbf72f2b6a73ca06 Size:432.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0505 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0505 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0506 .

The upgrade package includes the following updates:
1. Update Detection of Weak Password on Target Web Application Form Plug-in.
2. Update Frame Injection Vulnerability Detected in Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-05-19 18:19:44
Name: rsas-vulweb-V6.0R02F00.0505.dat Version:6.0.5.5
MD5:a101aca85034b508227e73876ade0fff Size:396.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0504 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0504 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0505 .

The upgrade package includes the following updates:
1. Add WordPress 4.6 Remote Code Execution Vulnerability Plug-in.
2. Add phpCMS V9.6.1 Arbitrary File Download Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-05-10 21:08:13
Name: rsas-vulweb-V6.0R02F00.0504.dat Version:6.0.5.4
MD5:4a7997acb79e528de7d3ebb1ab597877 Size:389.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0503 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0503 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0504 .

The upgrade package includes the following update:
1. Update PHPCMS V9.6.0 Content Function Module SQL Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-05-05 17:37:19
Name: rsas-vulweb-V6.0R02F00.0503.dat Version:6.0.5.3
MD5:8a6e2ec4762e52f1708b09ff5d211f1a Size:412.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0502 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0502 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0503 .

The upgrade package includes the following updates:
1. Add PHPCMS V9.6.0 Content Function Module SQL Injection Vulnerability Plug-in.
2. Update SQL Injection Vulnerability Detected on Target URL Plug-in.
3. Update Frame Injection Vulnerability Detected in Target URL Plug-in.
4. Update Link Injection Vulnerability Detected in Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-04-21 22:06:11
Name: rsas-vulweb-V6.0R02F00.0502.dat Version:6.0.5.2
MD5:ca6f09b3635e7b806d7fbc95658b5059 Size:401.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0501 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0501 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0502 .

The upgrade package includes the following updates:
1. Update Apache Struts2 S2-045 Remote Code Execution Vulnerability Plug-in.
2. Update Dahua Network Camera Default Weak Password for ONVIF Login Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-04-07 22:33:36
Name: rsas-vulweb-V6.0R02F00.0501.dat Version:6.0.5.1
MD5:27ce4465da85896ed226c620bbea967f Size:389.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0500 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0500 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0501 .

The upgrade package includes the following updates:
1. Add Microsoft Windows Server 2003 R2 IIS 6.0 Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-03-28 22:17:04
Name: rsas-vulweb-V6.0R02F00.0500.dat Version:6.0.5.0
MD5:20381f3ab82e3303619807a17c17d1c6 Size:623.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.04* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0500 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.0401.dat to rsas-vulweb-V6.0R02F00.0417.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-03-28 10:44:15
Name: rsas-vulweb-V6.0R02F00.0417.dat Version:6.0.4.17
MD5:0fdda41bad6098b5fec887023623e756 Size:402.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0416 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0416 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0417 .

The upgrade package includes the following updates:
1. Add Apache Struts2 S2-046 Remote Code Execution Vulnerability Plug-in.
2. Update Spreadsheet Hidden Fields Manipulation Detected Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-03-21 17:42:22
Name: rsas-vulweb-V6.0R02F00.0416.dat Version:6.0.4.16
MD5:16ed4b85308aaab649311b4c6bccb3a0 Size:390.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0415 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0415 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0416 .

The upgrade package includes the following update:
1. Add Dahua Network Camera Backdoor Account Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-03-16 14:57:29
Name: rsas-vulweb-V6.0R02F00.0415.dat Version:6.0.4.15
MD5:6ce6066555e4169557a4c2f34ede176c Size:396.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0414 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0414 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0415 .

The upgrade package includes the following updates:
1. Update Dahua Network Camera Default Weak Password for ONVIF Login Plug-in.
2. Update Detection of CRLF Injection Vulnerability in Target Website Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-03-10 20:51:51
Name: rsas-vulweb-V6.0R02F00.0414.dat Version:6.0.4.14
MD5:2f21ce7428ba8594a3ed9fbf353d5962 Size:395.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0413 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0413 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0414 .

The upgrade package includes the following update:
1. Update Apache Struts2 S2-045 Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-03-08 18:07:11
Name: rsas-vulweb-V6.0R02F00.0413.dat Version:6.0.4.13
MD5:65ab86b653050636fa5789d8e1e79e85 Size:395.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0412 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0412 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0413 .

The upgrade package includes the following update:
1. Update Apache Struts2 S2-045 Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-03-08 10:22:55
Name: rsas-vulweb-V6.0R02F00.0412.dat Version:6.0.4.12
MD5:9fa410ec85f050f271215aea5bc9ebfe Size:395.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0411 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0411 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0412 .

The upgrade package includes the following update:
1. Add Apache Struts2 S2-045 Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-03-07 14:46:50
Name: rsas-vulweb-V6.0R02F00.0411.dat Version:6.0.4.11
MD5:88211c81daea80825c48925b8e90225b Size:390.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0410 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0410 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0411 .

The upgrade package includes the following update:
1. Add Dahua Network Camera Default Weak Password for ONVIF Login Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-03-03 22:08:02
Name: rsas-vulweb-V6.0R02F00.0410.dat Version:6.0.4.10
MD5:68966ea5f303ab68e8a12c6ae0ab1f27 Size:399.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0409 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0409 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0410 .

The upgrade package includes the following update:
1. Update Parameter-based URL Jump Vulnerability Detected on Target Website Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-02-26 16:50:56
Name: rsas-vulweb-V6.0R02F00.0409.dat Version:6.0.4.9
MD5:fb9f0e35dbf94084dbaec0dbc886dadf Size:423.2K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0408 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0408 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0409 .

The upgrade package includes the following update:
1. Update SQL Injection Vulnerability Detected on Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-02-10 22:48:47
Name: rsas-vulweb-V6.0R02F00.0408.dat Version:6.0.4.8
MD5:7450ba950f193814c554937f5611aece Size:407.6K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0407 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0407 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0408 .

The upgrade package includes the following updates:
1. Add Detection of Unauthorized Access Vulnerability in Target Hadoop HDFS Plug-in.
2. Add Detection of Unauthorized Access Vulnerability in Target Solr Plug-in.
3. Add Detection of Unauthorized Access Vulnerability in Target InfluxDB Plug-in.
4. Update SQL Injection Vulnerability Detected on Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-01-21 20:08:39
Name: rsas-vulweb-V6.0R02F00.0407.dat Version:6.0.4.7
MD5:9f703e35f784f7459f4578edc325bcfe Size:396.6K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0406 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0406 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0407 .

The upgrade package includes the following update:
1. Update IIS Short Filename Disclosure Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2017-01-06 20:49:48
Name: rsas-vulweb-V6.0R02F00.0406.dat Version:6.0.4.6
MD5:7ab728eeea33906c9c6a898a903c7c2d Size:484.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0405 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0405 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0406 .

The upgrade package includes the following updates:
1. Update IIS Short Filename Disclosure Vulnerability Plug-in.
2. Update XSS Vulnerability Detected On Target URL Plug-in.
3. Update SQL Injection Vulnerability Detected on Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-12-23 20:46:37
Name: rsas-vulweb-V6.0R02F00.0405.dat Version:6.0.4.5
MD5:24bde0c79f88140dd693ca9573cb6202 Size:450.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0404 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0404 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0405 .

The upgrade package includes the following updates:
1. Update Detection of Weak Password on Target Web Application Form Plug-in.
2. Update HTTP-based Basic Authentication Detection Plug-in.
3. Update System Directory Disclosure on Target Server Plug-in.
4. Update iis7/7.5 Parsing Vulnerability Plug-in.
5. Update Apache Geronimo Application Server Multiple Input Validation Vulnerabilities Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-12-02 18:03:25
Name: rsas-vulweb-V6.0R02F00.0404.dat Version:6.0.4.4
MD5:2039ed96720bf5a32e36c1644e652b67 Size:400.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0403 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0403 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0404 .

The upgrade package includes the following updates:
1. Add Detection of Git-Related Files on Target Websites Plug-in.
2. Add CmsEasy Improper Image Cropping GetShell Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-11-18 21:41:04
Name: rsas-vulweb-V6.0R02F00.0403.dat Version:6.0.4.3
MD5:a8b5788b41b0eea4b53cd6bc7a41839a Size:401.6K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0402 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0402 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0403 .

The upgrade package includes the following update:
1. Improve engine scanning capabilities.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-11-04 18:15:35
Name: rsas-vulweb-V6.0R02F00.0402.dat Version:6.0.4.2
MD5:556021433b3d944c2d7d8febee2252be Size:402.2K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0401 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0401 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0402 .

The upgrade package includes the following update:
1. Add WordPress InfiniteWP Admin Panel 2.8.0 Command Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-10-24 11:06:00
Name: rsas-vulweb-V6.0R02F00.0401.dat Version:6.0.4.1
MD5:2261c029548c23d41b050a49f36cb944 Size:444.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0400 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0400 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0401 .

The upgrade package includes the following updates:
1. Update SQL Injection Vulnerability Detected on Target URL Plug-in.
2. Update Detection of Trojan on Target Website Plug-in.
3. Update Management Backend Login Entry Detected Plug-in.
4. Update User Name or Password Detected in Target Web Application Login Form Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-10-12 19:56:08
Name: rsas-vulweb-V6.0R02F00.0400.dat Version:6.0.4.0
MD5:6c4c3b697678cd59da290a5e067c9285 Size:698.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.03* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0400 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.0301.dat to rsas-vulweb-V6.0R02F00.0308.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-10-08 11:25:36
Name: rsas-vulweb-V6.0R02F00.0308.dat Version:6.0.3.8
MD5:7209bb57e03c9ae59b61fb17d782c21c Size:415.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0307 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0307 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0308 .

The upgrade package includes the following updates:
1. Update Management Backend Login Entry Detected plug-in.
2. Update Detection of Login Password for Default Console of eWebEditor plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-09-26 10:33:32
Name: rsas-vulweb-V6.0R02F00.0307.dat Version:6.0.3.7
MD5:ac272c4a83e21ffda79072488b28e294 Size:541.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0306 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0306 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0307 .

The upgrade package includes the following updates:
1. Add Detection of CKEditor in Target plug-in.
2. Add Detection of Weak Passwords of Zabbix Application Server Daemon plug-in.
3. Add Detection of Login Entry of Default Console of eWebEditor Plug-in.
4. Add Detection of Login Password for Default Console of eWebEditor plug-in.
5. Add Ten Medium- and Low-Level Vulnerability Scanning Plug-ins.
6. Update Arbitrary File Access Vulnerability Detected on Target Host plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-09-09 21:12:49
Name: rsas-vulweb-V6.0R02F00.0306.dat Version:6.0.3.6
MD5:50d8689280c0e2205e61e3c0b42e74fb Size:399.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0305 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0305 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0306 .

The upgrade package includes the following updates:
1. Add Multiple Zabbix Versions jsrcp.php Page SQL Injection Vulnerability plug-in.
2. Add Detection of Zabbix Application Server Daemon plug-in.
3. Update Parameter-based URL Jump Vulnerability Detected on Target Website Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-08-18 21:57:58
Name: rsas-vulweb-V6.0R02F00.0305.dat Version:6.0.3.5
MD5:921a96380ba2317cd6fdb2defcc78332 Size:406.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0304 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0304 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0305 .

The upgrade package includes the following updates:
1. Update plug-in database and plug-in template Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-08-05 19:07:33
Name: rsas-vulweb-V6.0R02F00.0304.dat Version:6.0.3.4
MD5:e96a66a5117e7163b61267869678e06b Size:389.6K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0303 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0303 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0304 .

The upgrade package includes the following update:
1. Update Arbitrary File Access Vulnerability Detected on Target Host Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-07-23 08:11:33
Name: rsas-vulweb-V6.0R02F00.0303.dat Version:6.0.3.3
MD5:059b318278ea404db47757884b09a8da Size:381.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0302 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0302 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0303 .

The upgrade package includes the following update:
1. Add Apache Struts2 DevMode Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-07-14 17:56:45
Name: rsas-vulweb-V6.0R02F00.0302.dat Version:6.0.3.2
MD5:7ffb382d956e6e4b0b7f4196dec9029d Size:391.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0301 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0301 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0302 .

The upgrade package includes the following update:
1. Add Detection of Spring Boot SpEL Expression Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-07-13 20:53:04
Name: rsas-vulweb-V6.0R02F00.0301.dat Version:6.0.3.1
MD5:5a2e606f2d5fa0a2e8a527042a37749c Size:561.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0300 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0300 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0301 .

The upgrade package includes the following update:
1. Update Apache Struts2 Remote Code Execution Vulnerability (S2-037) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-07-08 18:29:09
Name: rsas-vulweb-V6.0R02F00.0300.dat Version:6.0.3.0
MD5:b6832024b357bd1664e98062521f6451 Size:2.27M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.02* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0300 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.0201.dat to rsas-vulweb-V6.0R02F00.0210.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-07-01 20:37:50
Name: rsas-vulweb-V6.0R02F00.0210.dat Version:6.0.2.10
MD5:90f8ba56807124cdfd28d1745262119a Size:1.64M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0209 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0209 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0210 .

The upgrade package includes the following updates:
1. Add Detection of Unauthorized Access to Target Zookeeper Service Plug-in.
2. Add Detection of Anonymous Access and Weak Passwords of Target Telnet Service Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-06-17 20:26:56
Name: rsas-vulweb-V6.0R02F00.0209.dat Version:6.0.2.9
MD5:53b61e0aa6536dfcae6982b4aef0698e Size:384.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0208 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0208 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0209 .

The upgrade package includes the following updates:
1. Add Apache Struts2 Remote Code Execution Vulnerability (S2-037) Plug-in.
2. Add Apache Struts2 Remote Code Execution Vulnerability (S2-033) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-06-16 20:40:46
Name: rsas-vulweb-V6.0R02F00.0208.dat Version:6.0.2.8
MD5:517361bceed4b9ff40e17d320a84e555 Size:483.2K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0207 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0207 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0208 .

The upgrade package includes the following updates:
1. Add Detection of Anonymous Access to Target Jenkins Platform Plug-in.
2. Add Elasticsearch Arbitrary File Download Vulnerability (CVE-2015-5531) Plug-in.
3. Add Detection of Anonymous Access to Target FTP Service Plug-in.
4. Add Jenkins XStream Deserialization Command Execution Vulnerability Plug-in.
5. Add Detection of Unauthorized Access to Target Memcache Service Plug-in.
6. Add Unauthorized Access Detected to Target MongoDB Database Plug-in.
7. Add Six Medium- and Low-Level Vulnerability Scanning Plug-ins.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-06-03 21:29:00
Name: rsas-vulweb-V6.0R02F00.0207.dat Version:6.0.2.7
MD5:054907c2da137cde20ce7ec0391efd0d Size:378.6K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0206 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0206 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0207 .

The upgrade package includes the following update:
1. Add CouchDB Unauthorized Access System Command Execution Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-05-20 23:19:42
Name: rsas-vulweb-V6.0R02F00.0206.dat Version:6.0.2.6
MD5:1779722829090637979a6932a75be2f3 Size:386.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0205 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0205 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0206 .

The upgrade package includes the following updates:
1. Add Docker Remote API Unauthorized Access Vulnerability Plug-in.
2. Add Apache Struts2 Remote Code Execution Vulnerability (S2-019) Plug-in.
3. Update WebLogic Java Unserialize Remote Code Execution Vulnerability Plug-in.
4. Update HTTP Remote Code Execution Vulnerability (MS15-034) (CVE-2015-1635) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-05-18 18:59:34
Name: rsas-vulweb-V6.0R02F00.0205.dat Version:6.0.2.5
MD5:1b465a366f093f64d7ab87c45a699464 Size:1.67M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0204 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0204 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0205 .

The upgrade package includes the following updates:
1. Update Apache Struts2 Remote Code Execution Vulnerability (S2-32) Plug-in.
2. Update Cross-Site Script Upload Vulnerability Plug-in.
3. Update Spreadsheet Hidden Fields Manipulation Detected Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-05-07 18:13:04
Name: rsas-vulweb-V6.0R02F00.0204.dat Version:6.0.2.4
MD5:f02aa0b20e105133c28e608d18b52a49 Size:358.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0203 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0203 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0204 .

The upgrade package includes the following update:
1. Update Apache Struts2 Remote Code Execution Vulnerability (S2-32) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-04-28 20:02:49
Name: rsas-vulweb-V6.0R02F00.0203.dat Version:6.0.2.3
MD5:c1af86b0f1654710da375b15bbf17ca0 Size:367.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0202 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0202 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0203 .

The upgrade package includes the following update:
1. Add Apache Struts2 Remote Code Execution Vulnerability (S2-32) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-04-27 11:53:50
Name: rsas-vulweb-V6.0R02F00.0202.dat Version:6.0.2.2
MD5:c712f9bd2702790f8065055874bae9ca Size:364.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0201 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0201 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0202 .

The upgrade package includes the following updates:
1. Add HEDA Smart Water SCADA System Arbitrary File Upload Vulnerability Plug-in.
2. Add MetInfo 5.3 metv5_top SQL Injection Vulnerability Plug-in.
3. Add MetInfo 5.3 uploadify Information Disclosure and SQL Injection Vulnerabilities Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-04-22 22:35:19
Name: rsas-vulweb-V6.0R02F00.0201.dat Version:6.0.2.1
MD5:535007c45f40633a4ce46f27eca754b0 Size:710.2K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0200 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0200 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0201 .

The upgrade package includes the following updates:
1. Add Elasticsearch Unauthorized Access Vulnerability Plug-in.
2. Add Elasticsearch Arbitrary File Reading Vulnerability (CVE-2015-3337) Plug-in.
3. Add Apache Axis2 Admin Console Weak Password Plug-in.
4. Add Unauthorized Access Detected to Target rsync Server Plug-in.
5. Update WebLogic Java Unserialize Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-04-08 20:59:29
Name: rsas-vulweb-V6.0R02F00.0200.dat Version:6.0.2.0
MD5:bb5833282d59143320e2a0f1c54979b3 Size:147.83M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.01* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0200 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.0101.dat to rsas-vulweb-V6.0R02F00.0130.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-04-01 18:28:48
Name: rsas-vulweb-V6.0R02F00.0130.dat Version:6.0.1.30
MD5:ac9ca9b382190490b75a47950bb3f7e2 Size:7.77M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0129 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0129 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0130 .

The upgrade package includes the following updates:
1. Add WebLogic Server-Side Request Forgery Vulnerability (CVE-2014-4210) Plug-in.
2. Update Microsoft Windows MHTML Script Code Injection Vulnerability (MS11-026) Plug-in.
3. Update Apache Account File Detected on Target Website Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-03-18 20:29:55
Name: rsas-vulweb-V6.0R02F00.0129.dat Version:6.0.1.29
MD5:535af7b8bd6145513e1848523965c01b Size:597.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0128 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0128 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0129 .

The upgrade package includes the following updates:
1. Add SSLv2 DROWN Attack Vulnerability (CVE-2016-0800) Plug-in.
2. Add Detection of Weak Passwords for Basic Authentication Login Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-03-04 22:07:44
Name: rsas-vulweb-V6.0R02F00.0128.dat Version:6.0.1.28
MD5:f6dbced4ae532b79c3a7812dfc535873 Size:355.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0127 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0127 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0128 .

The upgrade package includes the following updates:
1. Update MetInfo 5.3 Code Logic Error SQL Injection Vulnerability Plug-in.
2. Update plug-in database and plug-in template.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-02-19 18:26:40
Name: rsas-vulweb-V6.0R02F00.0127.dat Version:6.0.1.27
MD5:9e3040b957bab7b01f650ec4c7313490 Size:50.13M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0126 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0126 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0127 .

The upgrade package includes the following updates:
1. Update WebLogic Java Unserialize Remote Code Execution Vulnerability plug-in.
2. Update ElasticSearch Remote Code Execution Vulnerability Plug-in.
3. Update EL Expression Injection Vulnerability Detected in Target URL Plug-in.
4. Update Target Web Application Form Containing Password Detected to Be Submitted Through the GET Method Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-02-02 18:24:58
Name: rsas-vulweb-V6.0R02F00.0126.dat Version:6.0.1.26
MD5:065b7dfbdda25ffb47755566f9eb08f8 Size:377.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0125 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0125 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0126 .

The upgrade package includes the following updates:
1. Add Application Server GlassFish Arbitrary File Read Vulnerability plug-in.
2. Add XFire Services XML Entity Injection Vulnerability Plug-in.
3. Update Detection of Slow HTTP Denial-of-Service Attack on Target Host Plug-in.
4. Update User Name or Password Detected in Target Web Application Login Form Plug-in.
5. Update System Command Injection Vulnerability Detected in Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-01-21 18:55:49
Name: rsas-vulweb-V6.0R02F00.0125.dat Version:6.0.1.25
MD5:9ad565e721ba863a08ceba6925a59933 Size:376.8K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0124 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0124 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0125 .

The upgrade package includes the following updates:
1. Update XPath Injection Vulnerability Detected on Target URL Plug-in.
2. Update Detection of Weak Password on Target Web Application Form Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2016-01-08 18:31:40
Name: rsas-vulweb-V6.0R02F00.0124.dat Version:6.0.1.24
MD5:a065f527acf92683d37ed55c562faeb4 Size:389.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0123 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0123 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0124 .

The upgrade package includes the following updates:
1. Add Joomla! 1.5 Through 3.4 Remote Code Execution Vulnerability Plug-in.
2. Add DedeCMS 5.7SP1 /plus/download.php URL Redirection Vulnerability Plug-in.
3. Add Joomla! com_cckjseblod Exploit LFD Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-12-18 18:26:32
Name: rsas-vulweb-V6.0R02F00.0123.dat Version:6.0.1.23
MD5:cc9e10872a8ba731635e41aca5ea94bf Size:381.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0122 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0122 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0123 .

The upgrade package includes the following updates:
1. Update Parameter-based URL Jump Vulnerability Detected on Target Website Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-12-04 19:14:35
Name: rsas-vulweb-V6.0R02F00.0122.dat Version:6.0.1.22
MD5:7e0ed324388c6a74b41337cf5fbbbf2a Size:7.97M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0121 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0121 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0122 .

The upgrade package includes the following updates:
1. Add WebSphere Java Unserialize Remote Code Execution Vulnerability Plug-in.
2. Add WebLogic Java Unserialize Remote Code Execution Vulnerability Plug-in.
3. Add Jenkins Java Unserialize Remote Code Execution Vulnerability Plug-in.
4. Add Jenkins 1.633 Unauthorized Access Credential Disclosure Vulnerability Plug-in.
5. Add Jenkins Script Console Java Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-11-27 18:22:51
Name: rsas-vulweb-V6.0R02F00.0121.dat Version:6.0.1.21
MD5:0c396c89def63da91f5a45c92930911f Size:482.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0120 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0120 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0121 .

The upgrade package includes the following updates:
1. Add JBoss Java Unserialize Remote Code Execution Vulnerability Plug-in.
2. Add Unauthorized Access Detected to Target Redis Database Plug-in.
3. Add vBulletin 5.x.x Remote Arbitrary Code Execution Vulnerability Plug-in.
4. Add Joomla com_contenthistory Component SQL Injection Vulnerability Plug-in.
5. Update Frame Injection Vulnerability Detected in Target URL Plug-in.
6. Update Link Injection Vulnerability Detected in Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-11-18 17:43:13
Name: rsas-vulweb-V6.0R02F00.0120.dat Version:6.0.1.20
MD5:eec482c61c1b1d9f4c6ac0c3bcd42997 Size:1.18M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0119 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0119 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0120 .

The upgrade package includes the following updates:
1. Update XSS Vulnerability Detected On Target URL Plug-in.
2. Update IIS Short Filename Disclosure Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-11-06 18:35:15
Name: rsas-vulweb-V6.0R02F00.0119.dat Version:6.0.1.19
MD5:0f82de70292f4cf094ff51c31245f3aa Size:387.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0118 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0118 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0119 .

The upgrade package includes the following updates:
1. Update XSS Vulnerability Detected On Target URL Plug-in.
2. Update iis7/7.5 Parsing Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-10-23 17:56:03
Name: rsas-vulweb-V6.0R02F00.0118.dat Version:6.0.1.18
MD5:143e8e15d790abda1bd70617a982ec3d Size:358.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0117 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0117 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0118 .

The upgrade package includes the following update:
1. Update Web Application Detection Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-10-10 15:01:14
Name: rsas-vulweb-V6.0R02F00.0117.dat Version:6.0.1.17
MD5:13436d46fa2395253e96f591ad4b7c37 Size:8.00M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0116 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0116 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0117 .

The upgrade package includes the following updates:
1. Improve engine scanning capabilities.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-09-18 18:22:56
Name: rsas-vulweb-V6.0R02F00.0116.dat Version:6.0.1.16
MD5:9fb36b6d3dee10126ccdf24fa645186f Size:365.2K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0115 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0115 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0116 .

The upgrade package includes the following updates:
1. Add CmsEasy 5.5 clive Module SQL Injection Vulnerability Plug-in.
2. Add MetInfo 5.3 Code Logic Error SQL Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-09-06 18:03:47
Name: rsas-vulweb-V6.0R02F00.0115.dat Version:6.0.1.15
MD5:6651dfd3643f5c22a6f5d4b1f2dd68b0 Size:363.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0114 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0114 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0115 .

The upgrade package includes the following updates:
1. Add PHPWind 9.0 Jplayer.swf Flash File XSS Vulnerability Plug-in.
2. Add PHPWind 9.0 swfupload.swf Flash File XSS Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-08-21 18:20:10
Name: rsas-vulweb-V6.0R02F00.0114.dat Version:6.0.1.14
MD5:78ae35967eee6dc734be802e85b806f7 Size:367.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0113 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0113 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0114 .

The upgrade package includes the following updates:
1. Add MetInfo 5.3 Parameter Splicing SQL Injection Vulnerability Plug-in.
2. Add DedeCMS install/index.php.bak Design Defect GetShell Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-08-07 19:41:02
Name: rsas-vulweb-V6.0R02F00.0113.dat Version:6.0.1.13
MD5:f50ec4a08cefd45925ce305018036cb8 Size:387.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0112 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0112 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0113 .

The upgrade package includes the following update:
1. Update XSS Vulnerability Detected On Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-07-24 18:34:33
Name: rsas-vulweb-V6.0R02F00.0112.dat Version:6.0.1.12
MD5:69d244744dd830aaf31eb20831a67102 Size:390.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0111 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0111 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0112 .

The upgrade package includes the following update:
1. Add MetInfo 5.3 Major Sensitive Information Disclosure Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-07-10 17:56:52
Name: rsas-vulweb-V6.0R02F00.0111.dat Version:6.0.1.11
MD5:a4eb83c922253523fc527df5faf6e140 Size:397.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0110 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0110 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0111 .

The upgrade package includes the following updates:
1. Add ESPCMS V6 Variable Design Defect SQL Injection Vulnerability Plug-in.
2. Add MetInfo 5.3 Variable Uninitialization SQL Injection Vulnerability Plug-in.
3. Add MetInfo 5.2 Arbitrary File Read Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-06-19 18:37:05
Name: rsas-vulweb-V6.0R02F00.0110.dat Version:6.0.1.10
MD5:6375afe3deddd8aa8c7abbe9d5d51b64 Size:10.59M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0109 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0109 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0110 .

The upgrade package includes the following updates:
1. Add Detection of Slow HTTP Denial-of-Service Attack on Target Host Plug-in.
2. Update System Command Injection Vulnerability Detected in Target URL Plug-in.
3. Update XPath Injection Vulnerability Detected on Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-06-05 18:17:22
Name: rsas-vulweb-V6.0R02F00.0109.dat Version:6.0.1.9
MD5:032a66fb8ec2238a98af007c3d0b2e23 Size:501.7K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0108 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0108 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0109 .

The upgrade package includes the following updates:
1. Add Detection of Remote Denial-of-Service Vulnerability in multipart/form-data HTTP Request Parsing of PHP on Target Host Plug-in.
2. Add Elasticsearch _river Unauthorized Access Vulnerability Plug-in.
3. Add WordPress Default Theme DOM XSS Due to Use of Old Version of jQuery Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-05-23 10:20:43
Name: rsas-vulweb-V6.0R02F00.0108.dat Version:6.0.1.8
MD5:1b9bf1da33589432767bff8a207b2486 Size:3.18M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0107 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0107 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0108 .

The upgrade package includes the following updates:
1. Add Hanweb Information Opening System SQL Injection Vulnerability Plug-in.
2. Add WordPress Comment Encoding Handling Cross-Site Scripting Vulnerability Plug-in.
3. Add 74CMS ajax_user User Name Detection SQL Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-05-08 23:22:35
Name: rsas-vulweb-V6.0R02F00.0107.dat Version:6.0.1.7
MD5:9ce4b1bf4a9eee65f6c41230f500fab3 Size:371.2K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0106 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0106 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0107 .

The upgrade package includes the following updates:
1. Add HTTP Remote Code Execution Vulnerability (MS15-034) (CVE-2015-1635) Plug-in.
2. Update System Command Injection Vulnerability Detected in Target URL Plug-in.
3. Update Frame Injection Vulnerability Detected in Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-04-24 17:59:28
Name: rsas-vulweb-V6.0R02F00.0106.dat Version:6.0.1.6
MD5:59c16d012e0728a19e1453da5b435337 Size:389.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0105 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0105 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0106 .

The upgrade package includes the following updates:
1. Add PHPCMS V9 Authentication Key Disclosure Vulnerability Plug-in.
2. Add PHPCMS V9 Voting Function Remote Command Execution Vulnerability Plug-in.
3. Add SSL/TLS Bar Mitzvah Attack Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-04-10 18:47:33
Name: rsas-vulweb-V6.0R02F00.0105.dat Version:6.0.1.5
MD5:af4eadd0fb5bb86e06496a551e712e22 Size:377.0K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0104 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0104 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0105 .

The upgrade package includes the following updates:
1. Add WordPress xmlrpc.php Brute Force Vulnerability Plug-in.
2. Add Elasticsearch Groovy Arbitrary Command Execution Vulnerability Plug-in.
3. Add SSL/TLS FREAK Attack Vulnerability Plug-in.
4. Add Detection of Web Application Server Version Disclosure on Error Pages Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-03-20 19:12:34
Name: rsas-vulweb-V6.0R02F00.0104.dat Version:6.0.1.4
MD5:713aa079005f5f5ac90239414396914a Size:367.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0103 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0103 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0104 .

The upgrade package includes the following updates:
1. Add Detection of Background of Hikvision Surveillance Devices Plug-in.
2. Add Detection of Weak Login Passwords for Background of Hikvision Surveillance Devices Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-03-06 15:51:32
Name: rsas-vulweb-V6.0R02F00.0103.dat Version:6.0.1.3
MD5:e7f1a98c56e70f4156b17fd48f5573e2 Size:343.3K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0102 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0102 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0103 .

The upgrade package includes the following updates:
1. Update Parameter-based URL Jump Vulnerability Detected on Target Website Plug-in.
2. Update A Directory Showing File List Detected in Target Server Plug-in.
3. Update Database Connection File of Target Website Detected to Be Leaked Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-02-27 19:19:24
Name: rsas-vulweb-V6.0R02F00.0102.dat Version:6.0.1.2
MD5:9b7a82f8390f8389bd227eac9958f07d Size:449.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0101 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0101 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0102 .

The upgrade package includes the following update:
1. Add Database Connection File of Target Website Detected to Be Leaked Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-02-05 20:30:56
Name: rsas-vulweb-V6.0R02F00.0101.dat Version:6.0.1.1
MD5:786850e97e071794f80d612ee12978ba Size:10.44M
Description:

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0100 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0100 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0101 .

The upgrade package includes the following updates:
1. Add Clickjacking: X-Frame-Options Not Configured Plug-in.
2. Add EL Expression Injection Vulnerability Detected in Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-01-23 21:16:38
Name: rsas-vulweb-V6.0R02F00.0100.dat Version:6.0.1.0
MD5:f58ed95bd374cea6921c1587963cb9fd Size:11.73M
Description:

This is a web plug-in upgrade package, which supports the system versions of V6.0R02F00 and the web plug-in version of 6.0.0.* . This upgrade package is a cumulative upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0100 .

The upgrade package includes the following updates:
1. Add and update some webscan plug-ins.

Notes:
1. This upgrade package relies on system version V6.0R02F00. Before installing this upgrade package, please upgrade the system version to V6.0R02F00.
2. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2015-01-09 18:53:24
Name: rsas-vulweb-6.0.0.14.dat Version:6.0.0.14
MD5:fe3b9e09b934b0b95d9b31539829ccd3 Size:391.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in versions of 6.0.0.13 . This upgrade package is for incremental upgrade from the web plug-in version of 6.0.0.13 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to 6.0.0.14 .

The upgrade package includes the following update:
1. Add ECShop SQL Injection Due to Improper User Name Sanitization in WAP Mode Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2014-12-20 16:07:03
Name: rsas-vulweb-6.0.0.13.dat Version:6.0.0.13
MD5:e66f3df54d7fe0d4246212243c8ad45c Size:335.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in versions of 6.0.0.12 . This upgrade package is for incremental upgrade from the web plug-in version of 6.0.0.12 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to 6.0.0.13 .

The upgrade package includes the following updates:
1. Update System Directory Disclosure on Target Server Plug-in.
2. Enhance scanning engine.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2014-12-12 19:59:22
Name: rsas-vulweb-6.0.0.12.dat Version:6.0.0.12
MD5:5f1c70eb1463ae2caeac123dcd0b101a Size:505.6K
Description:

This is a web plug-in upgrade package, which supports the web plug-in versions of 6.0.0.11 . This upgrade package is for incremental upgrade from the web plug-in version of 6.0.0.11 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to 6.0.0.12 .

The upgrade package includes the following updates:
1. Add Apache Tomcat "/examples" Directory Multiple Vulnerabilities Plug-in.
2. Add HTTP Host Header Attack Vulnerability Detected in Target URL Plug-in.
3. Add Wide-Byte Cross-Site Scripting Vulnerability Detected in Target URL Plug-in.
4. Add FCKeditor spellchecker.php XSS Vulnerability Plug-in.
5. Add PHP Code Execution Vulnerability Detected on Website Management Systems of Many Government Departments Plug-in.
6. Add Yonyou TruboCRM SQL Injection Vulnerability Plug-in.
7. Add Qibo Local Portal System V5 SQL Injection Vulnerability Plug-ins.
8. Add WordPress Prior to 4.0 Comments Section Storage-Type XSS Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2014-12-05 22:44:36
Name: rsas-vulweb-6.0.0.11.dat Version:6.0.0.11
MD5:cede57675f178b888143c440e0978af3 Size:664.5K
Description:

This is a web plug-in upgrade package, which supports the web plug-in versions of 6.0.0.10 . This upgrade package is for incremental upgrade from the web plug-in version of 6.0.0.10 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to 6.0.0.11 .

The upgrade package includes the following update:
1. Add Session Token Detected in the Target URL Plug-in.
2. Add IIS Location Information Disclosure Plug-in.
3. Add web.xml Information Disclosure Plug-in.
4. Add Cross-Site Script Upload Vulnerability Plug-in.
5. Add Telephone Number Disclosure Detected in Target URL Plug-in.
6. Add jQuery XSS with $(location.hash) Plug-in.
7. Add 5 Known Application Vulnerability Plug-ins.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2014-11-21 18:38:55
Name: rsas-vulweb-6.0.0.10.dat Version:6.0.0.10
MD5:7eba1255d659fcf118135282249c298c Size:10.55M
Description:

This is a web plug-in upgrade package, which supports the web plug-in versions of 6.0.0.9 . This upgrade package is for incremental upgrade from the web plug-in version of 6.0.0.9 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to 6.0.0.10 .

The upgrade package includes the following updates:
1. Add SSLv3 Serious Design Defect Vulnerability (CVE-2014-3566) Plug-in.
2. Add allow_url_fopen Enabled in PHP Configuration Plug-in.
3. Add allow_url_include Enabled in PHP Configuration Plug-in.
4. Add display_errors Enabled in PHP Configuration Plug-in.
5. Add open_basedir Left Unconfigured in PHP Configuration Plug-in.
6. Add 8 Known Application Vulnerability Plug-ins.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2014-11-07 16:22:19
Name: rsas-vulweb-6.0.0.9.dat Version:6.0.0.9
MD5:6fe5918a3ddb11847867bffdb9008dd6 Size:11.51M
Description:

This is a web plug-in upgrade package, which supports the web plug-in versions of 6.0.0.8 . This upgrade package is for incremental upgrade from the web plug-in version of 6.0.0.8 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to 6.0.0.9 .

The upgrade package includes the following updates:
1. Add ASP Code Injection Vulnerability Detected at Target Website Plug-in.
2. Add Python Source Code Disclosure Detected in the Target Website Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2014-10-25 10:45:11
Name: rsas-vulweb-6.0.0.8.dat Version:6.0.0.8
MD5:4359cdcdfe584dede756686d59162406 Size:311.1K
Description:

This is a web plug-in upgrade package, which supports the web plug-in versions of 6.0.0.7 . This upgrade package is for incremental upgrade from the web plug-in version of 6.0.0.7 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to 6.0.0.8 .

The upgrade package includes the following update:
1. Add ThinkSNS TestAction.class.php File Some Parameter SQL Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2014-10-10 21:10:35
Name: rsas-vulweb-6.0.0.7.dat Version:6.0.0.7
MD5:7fde5d83a0487e8cb75fec5717fe59c7 Size:313.2K
Description:

This is a web plug-in upgrade package, which supports the web plug-in versions of 6.0.0.6 . This upgrade package is for incremental upgrade from the web plug-in version of 6.0.0.6 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to 6.0.0.7 .

The upgrade package includes the following update:
1. Update GNU Bash Environment Variable Remote Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2014-09-30 16:31:03
Name: rsas-vulweb-6.0.0.6.dat Version:6.0.0.6
MD5:7aa113e9ea72b2a6f2ff9d86e49597eb Size:329.4K
Description:

This is a web plug-in upgrade package, which supports the web plug-in versions of 6.0.0.5 . This upgrade package is for incremental upgrade from the web plug-in version of 6.0.0.5 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to 6.0.0.6 .

The upgrade package includes the following updates:
1. Add GNU Bash Environment Variable Remote Command Execution Vulnerability Plug-in.
2. Add CmsEasy Improper Session Handling SQL Injection Vulnerability Plug-in.
3. Add CmsEasy Function respond_action Improper Parameter Handling SQL Injection Vulnerability Plug-in.
4. Add CmsEasy Function condition Improper KEY Handling SQL Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2014-09-28 17:54:00
Name: rsas-vulweb-6.0.0.5.dat Version:6.0.0.5
MD5:01ef835e4876711e9cf806a9fdde9003 Size:322.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in versions of 6.0.0.4 . This upgrade package is for incremental upgrade from the web plug-in version of 6.0.0.4 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to 6.0.0.5 .

The upgrade package includes the following updates:
1. Add Discuz! X3.2 and Before SQL Injection Vulnerability Plug-in.
2. Add PHPCMS V9 SQL Injection Vulnerability Plug-in.
3. Add Hanweb JCMS SQL Injection Vulnerability Plug-in.
4. Add Hanweb JCMS Arbitrary File Read Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2014-09-19 22:32:13
Name: rsas-vulweb-6.0.0.4.dat Version:6.0.0.4
MD5:7faba8fcf35d0d1dfcfdc5f6c01cba16 Size:356.2K
Description:

This is a web plug-in upgrade package, which supports the web plug-in versions of 6.0.0.3 . This upgrade package is for incremental upgrade from the web plug-in version of 6.0.0.3 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to 6.0.0.4 .

The upgrade package includes the following update:
1. Add phpwind Full Version secretkey Disclosure Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2014-09-05 19:14:42
Name: rsas-vulweb-6.0.0.3.dat Version:6.0.0.3
MD5:823562903529e6291b92e393338fc916 Size:325.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in versions of 6.0.0.2 . This upgrade package is for incremental upgrade from the web plug-in version of 6.0.0.2 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to 6.0.0.3 .

The upgrade package includes the following update:
1. Update CSRF Vulnerability Detected on Target Website Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2014-08-22 16:50:37
Name: rsas-vulweb-6.0.0.2.dat Version:6.0.0.2
MD5:d75efb002e46d2e24deb3b52ae9cafcb Size:333.9K
Description:

This is a web plug-in upgrade package, which supports the web plug-in versions of 6.0.0.1 . This upgrade package is for incremental upgrade from the web plug-in version of 6.0.0.1 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to 6.0.0.2 .

The upgrade package includes the following updates:
1. Add Wordpress xmlrpc DoS Attack Vulnerability Plug-in.
2. Add Discuz! 5.x, 6.x, and 7.x Series SQL Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2014-08-19 20:31:09
Name: rsas-vulweb-6.0.0.1.dat Version:6.0.0.1
MD5:19999de3cda5deb4f143ea4259ba0157 Size:10.73M
Description:

This is a web plug-in upgrade package, which supports the plug-in versions of 6.0.0.0 . This upgrade package is for incremental upgrade from the plug-in version of 6.0.0.0 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to 6.0.0.1 .

The upgrade package includes the following updates:
1. Add 33 Known Application Vulnerability Plug-ins.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

Release Time:2014-08-18 16:51:03