This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3604 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3604 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3605 .

The upgrade package includes the following updates:
1. Add Apache Struts2 S2-067 File Upload Vulnerability (CVE-2024-53677) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3603 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3603 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3604 .

The upgrade package includes the following updates:
1. Add Palo Alto Networks PAN-OS Authentication Bypass Vulnerability (CVE-2024-0012) Plug-in.
2. Add The WP Query Console plugin for WordPress Unauthorized Remote Command Execution Vulnerability (CVE-2024-50498) Plug-in.
3. Add Apache Solr Authentication Bypass Vulnerability (CVE-2024-45216) Plug-in.
4. Add Apache Solr Information Disclosure Vulnerability (CVE-2023-50290) Plug-in.
5. Add JeecgBoot Interface getTotalData Unauthorized SQL Injection Vulnerability (CVE-2024-48307) Plug-in.
6. Add Yonyou NC cartabletimeline SQL Injection Vulnerability Plug-in.
7. Add Yonyou NC Interface /portal/pt/task/process SQL Injection Vulnerability Plug-in.
8. Add Yonyou U8-CRM ajax/getufvouchdata.php SQL Injection Vulnerability Plug-in.
9. Add CenterSoft ERP System GetFile Arbitrary File Read Vulnerability Plug-in.
10. Add D-Link-NAS sc_mgr.cgi Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3602 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3602 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3603 .

The upgrade package includes the following updates:
1. Add Custom vulnerability detection plugin Plug-in.
2. Add CyberPanel upgrademysqlstatus Remote Command Execution Vulnerability (CVE-2024-51567 CVE-2024-51568) Plug-in.
3. Add VMware vSphere Client Path Traversal Vulnerability (CVE-2021-21972) Plug-in.
4. Add Zyxel NAS520 Operating System Command Injection Vulnerability (CVE-2020-9054) Plug-in.
5. Add Movable Type XMLRPC Operating System Command Injection Vulnerability (CVE-2021-20837) Plug-in.
6. Add MinIO Unauthorized Server-Side Request Forgery Vulnerability (CVE-2021-21287) Plug-in.
7. Add Apache Tomcat Deserialization Remote Code Execution Vulnerability (CVE-2020-9484) Plug-in.
8. Add Buffalo WSR-2533DHPL2 Path Traversal Vulnerability (CVE-2021-20090) Plug-in.
9. Add VICIdial Information Disclosure Vulnerability (CVE-2021-28854) Plug-in.
10. Add emlog Directory Traversal Vulnerability (CVE-2021-3293) Plug-in.
11. Add OpenOlat Directory Traversal Vulnerability (CVE-2021-27748) Plug-in.
12. Add systeminformation Command Injection Vulnerability (CVE-2021-21315) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3601 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3601 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3602 .

The upgrade package includes the following updates:
1. Add Vmware vSphere Client Improper Input Validation Vulnerability (CVE-2021-21985) Plug-in.
2. Add VMware vCenter Server Analytics Server Path Traversal Vulnerability (CVE-2021-22005) Plug-in.
3. Add WordPress Secure Copy Content Protection and Content Locking Plugin SQL Injection Vulnerability (CVE-2021-24931) Plug-in.
4. Add RaspAP Operating System Command Injection Vulnerability (CVE-2021-33357) Plug-in.
5. Add ZOHO ManageEngine Apache xmlsec Security Vulnerability (CVE-2022-47966) Plug-in.
6. Add Cobbler Remote Code Execution Vulnerability (CVE-2021-40323) Plug-in.
7. Add pfSense diag_routes.php Code Injection Vulnerability (CVE-2021-41282) Plug-in.
8. Add KubePi JWT Default Key Permission Bypass Vulnerability (CVE-2023-22463) Plug-in.
9. Add Lexmark Remote Code Execution Vulnerability (CVE-2023-26067) Plug-in.
10. Add HTTP Missing Secure Header Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3600 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3600 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3601 .

The upgrade package add 31 plugins, including but not limited to:
1. Add Gurock TestRail Information Disclosure Vulnerability (CVE-2021-40875) Plug-in.
2. Add ChronoEngine ChronoForms Path Traversal Vulnerability (CVE-2021-28377) Plug-in.
3. Add Redash Default Session Forgery Vulnerability (CVE-2021-41192) Plug-in.
4. Add Crestron HD-MD4X2-4K-E HDMI Authentication Bypass Vulnerability (CVE-2022-23178) Plug-in.
5. Add Minio External IDP Improper Access Control Vulnerability (CVE-2021-41266) Plug-in.
6. Add ForgeRock AM Remote Code Execution Vulnerability (CVE-2021-35464) Plug-in.
7. Add Auerswald Compact Series Firmware Backdoor Vulnerability (CVE-2021-40859) Plug-in.
8. Add Land Software FAUST iServer Path Traversal Vulnerability (CVE-2021-34805) Plug-in.
9. Add WordPress Zoomsounds Plugin Directory Traversal Vulnerability (CVE-2021-39316) Plug-in.
10. Add Dahua IPC Authentication Bypass Vulnerability (CVE-2021-33044) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.35* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3600 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.3501.dat to rsas-vulweb-V6.0R02F00.3528.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3527 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3527 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3528 .

The upgrade package includes the following updates:
1. Add Chanjet T+ /tplus/ajaxpro/Ufida.T.SM.UIP.MultiCompanyController,Ufida.T.SM.UIP.ashx SQL Injection Vulnerability Plug-in.
2. Add NSFOCUS SAS Bastion Machine /webconf/Exec Remote Code Execution Vulnerability Plug-in.
3. Add NetentSec NS-ASG Security Gateway /protocol/index.php Remote Command Execution Vulnerability Plug-in.
4. Add Landray EIS Smart Collaboration Platform /eis/service/api.aspx Arbitrary File Upload Vulnerability Plug-in.
5. Add Tongda OA /interface/auth.php Path SQL Injection Vulnerability Plug-in.
6. Add Tongda OA /module/AIP/get_file.php Arbitrary File Download Vulnerability Plug-in.
7. Add Tongda OA /scoredate/result.php Path SQL Injection Vulnerability Plug-in.
8. Add K3 Apusic Server /admin//protect/jndi/loadTree LDAP Injection Vulnerability Plug-in.
9. Add Ruijie EWEB /cgi-bin/luci/api/auth Remote Command Execution Vulnerability Plug-in.
10. Add BQE BillQuick Web Suite SQL Injection Vulnerability (CVE-2021-42258) Plug-in.
11. Add Microsoft Exchange Server Security Vulnerability (CVE-2021-41349) Plug-in.
12. Add Payara Micro Community Path Traversal Vulnerability (CVE-2021-41381) Plug-in.
13. Add Sitecore XP Deserialization Vulnerability (CVE-2021-42237) Plug-in.
14. Add Keking KkFileview Directory Traversal Vulnerability (CVE-2021-43734) Plug-in.
15. Add Caucho Resin Directory Traversal Vulnerability (CVE-2021-44138) Plug-in.
16. Add ZOHO ManageEngine Desktop Central MSP Authorization Bypass Vulnerability (CVE-2021-44515) Plug-in.
17. Add UpdateStar HD-Network Real Time Monitoring System Directory Traversal Vulnerability (CVE-2021-45043) Plug-in.
18. Add ZOHO ManageEngine ServiceDesk Plus Improper Access Control Vulnerability (CVE-2021-44077) Plug-in.
19. Add SpringBlade Framework Default SIGN_KEY Information Disclosure Vulnerability (CVE-2021-44910) Plug-in.
20. Add SolarWinds Web Help Desk Trust Management Vulnerability (CVE-2024-28987) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3526 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3526 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3527 .

The upgrade package includes the following updates:
1. Add Weaver e-cology ModeDateService Interface SQL Injection Vulnerability Plug-in.
2. Add Weaver E-Mobile cdnfile Interface Arbitrary File Read Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3525 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3525 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3526 .

The upgrade package includes the following updates:
1. Add WAVLINK Wireless Router nightled.cgi Command Injection Vulnerability (CVE-2022-2487) Plug-in.
2. Add WordPress Plugin User Post Gallery Code Injection Vulnerability (CVE-2022-4060) Plug-in.
3. Add dotCMS ContentResource API File Write Vulnerability (CVE-2022-26352) Plug-in.
4. Add Contec SolarView Compact conf_mail.php Command Injection Vulnerability (CVE-2022-29303) Plug-in.
5. Add Nortek Control Linear eMerge E3-Series Administrative Credential Plaintext Storage Vulnerability (CVE-2022-31269) Plug-in.
6. Add pfSense pfBlockerNG Command Injection Vulnerability (CVE-2022-31814) Plug-in.
7. Add Lin CMS Spring Boot Backend Information and Functionality Access Vulnerability (CVE-2022-32430) Plug-in.
8. Add Hytec Inter HWL-2511-SS popen.cgi Command Injection Vulnerability (CVE-2022-36553) Plug-in.
9. Add RaspAP Command Injection Vulnerability (CVE-2022-39986) Plug-in.
10. Add Hitachi Vantara Pentaho Business Analysis Server Code Injection Vulnerability (CVE-2022-43769) Plug-in.
11. Add Weaver /json.php SQL Injection Vulnerability Plug-in.
12. Add DAS-SECURITY Dbappsecurity Security Gateway aaa_portal_auth_local_submit Remote Command Execution Vulnerability Plug-in.
13. Add DAS-SECURITY Dbappsecurity Security Gateway aaa_local_web_preview Remote Command Execution Vulnerability Plug-in.
14. Add Yonyou nc cloud /ncchr/pm/fb/attachment/uploadChunk Arbitrary File Upload Vulnerability Plug-in.
15. Add Yonyou NC/NCC /uapjs/jsinvoke Arbitrary File Upload Vulnerability Plug-in.
16. Add Yonyou TurboCRM /ajax/getemaildata.php Arbitrary File Download Vulnerability Plug-in.
17. Add Yonyou TurboCRM /getemaildata.php Path Arbitrary File Upload Vulnerability Plug-in.
18. Add Yonyou Ufida /hrss/ELTextFile.load.d Arbitrary File Read Vulnerability Plug-in.
19. Add Yonyou Ufida /hrss/ref.show.d SQL Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3524 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3524 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3525 .

The upgrade package includes the following updates:
1. Add SRM Smartlink Cloud Mining System Login Bypass Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3523 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3523 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3524 .

The upgrade package includes the following updates:
1. Add Cloud Platform Login Bypass Vulnerability in Zhuhai Xinhua Tong Software Co. Plug-in.
2. Add DCN firewall command execution vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3522 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3522 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3523 .

The upgrade package includes the following updates:
1. Add Inspur GS Enterprise Management Software uploadlistfile Arbitrary File Upload Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3521 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3521 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3522 .

The upgrade package includes the following updates:
1. Add There is an SQL Injection vulnerability in the MeasureQResultAction interface of UFIDA U8 Cloud Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3520 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3520 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3521 .

The upgrade package includes the following updates:
1. Add Raisecom multi-service intelligent gateway contains multiple remote command execution vulnerabilities Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3519 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3519 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3520 .

The upgrade package includes the following updates:
1. Add Hikvision Comprehensive Security Management Platform /resourceOperations/upload Path Arbitrary File Upload Vulnerability Plug-in.
2. Add Hikvision Comprehensive Security Management Platform /svm/api/v1/productFile Path Arbitrary File Upload Vulnerability Plug-in.
3. Add Hikvision Comprehensive Security Management Platform /center/api/session Deserialization Vulnerability Plug-in.
4. Add Sangfor SSLVPN /por/checkurl.csp Path Remote Command Execution Vulnerability Plug-in.
5. Add Yonyou GRP-U8 /UploadFileData Arbitrary File Upload Vulnerability Plug-in.
6. Add Yonyou GRP-U8 /listSelectDialogServlet SQL Injection Vulnerability Plug-in.
7. Add Yonyou GRP-U8 /U8AppProxy Arbitrary File Upload Vulnerability Plug-in.
8. Add UniNXG Secure Data Exchange System SQL Injection Vulnerability Plug-in.
9. Add Prometheus Metrics Unauthorized Access Vulnerability Plug-in.
10. Add Prometheus Unauthorized Access Vulnerability Plug-in.
11. Add Apache Kafka Unauthorized Access Vulnerability Plug-in.
12. Add Ming Yuan ERP System SQL Injection Vulnerability Plug-in.
13. Add TRS Media Asset Management System uploadThumb File Upload Vulnerability Plug-in.
14. Add Bangyong PM2 Project Management System Arbitrary File Upload Vulnerability Plug-in.
15. Add Tenda FH1201 Router Command Injection Vulnerability (CVE-2024-41473) Plug-in.
16. Add Tenda FH1201 Router Command Injection Vulnerability (CVE-2024-41468) Plug-in.
17. Add Landray EIS Smart Collaboration Platform Multiple Interfaces SQL Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3518 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3518 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3519 .

The upgrade package includes the following updates:
1. Add SanYi Technology Vehicle Monitoring Service Platform has an SQL injection vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3517 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3517 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3518 .

The upgrade package includes the following updates:
1. Add Yonyou UFIDA NC Link interface contains an SQL injection vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3516 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3516 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3517 .

The upgrade package includes the following updates:
1. Add Raisecom Multi-Business Gateway Remote Command Execution Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3515 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3515 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3516 .

The upgrade package includes the following updates:
1. Add pyload Code Injection Vulnerability (CVE-2023-0297) Plug-in.
2. Add Sophos Web Appliance Pre-Authorization Command Injection Vulnerability (CVE-2023-1671) Plug-in.
3. Add Cisco IOS XE Component Privilege Escalation Vulnerability (CVE-2023-20198) Plug-in.
4. Add VMware VRealize Network Command Injection Vulnerability (CVE-2023-20887) Plug-in.
5. Add The WordPress Login with Phone Number Plugin SQL Injection Vulnerability (CVE-2023-23492) Plug-in.
6. Add MeterSphere API Improper Access Control Vulnerability (CVE-2023-25573) Plug-in.
7. Add Atheros SmartZone Remote Code Execution Vulnerability (CVE-2023-25717) Plug-in.
8. Add Adobe ColdFusion Arbitrary File Read Vulnerability (CVE-2023-26360) Plug-in.
9. Add Altenergy Power System Control Software Command Injection Vulnerability (CVE-2023-28343) Plug-in.
10. Add Adobe ColdFusion Deserialization Code Execution Vulnerability (CVE-2023-29300) Plug-in.
11. Add STAGIL Navigation Plugin Path Traversal Vulnerability (CVE-2023-26255) Plug-in.
12. Added two high and one weak special vulnerability scanning templates.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3514 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3514 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3515 .

The upgrade package includes the following updates:
1. Add PowerPMS APPGetUser SQL Injection Vulnerability Plug-in.
2. Add Whir OA OfficeServer Arbitrary File Upload Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3513 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3513 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3514 .

The upgrade package includes the following updates:
1. Add E-office10 schema_mysql Sensitive Information Disclosure Vulnerability Plug-in.
2. Add JeecgBoot show Remote Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3512 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3512 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3513 .

The upgrade package includes the following updates:
1. Add The Weaver OA HrmService interface has an information disclosure vulnerability Plug-in.
2. Add H3C iMC Intelligent Management Center has a remote code execution vulnerability affecting multiple interfaces Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3511 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3511 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3512 .

The upgrade package includes the following updates:
1. Add The Yisaitong Electronic Document Security Management System has an SQL injection vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3510 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3510 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3511 .

The upgrade package includes the following updates:
1. Add TVT DVR Information Disclosure Vulnerability (CVE-2024-7339) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3509 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3509 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3510 .

The upgrade package includes the following updates:
1. Add Apache OFBiz has a remote command execution vulnerability (CVE-2024-38856). Plug-in.
2. Add The ContractLock e-signature platform has an arbitrary command execution vulnerability in the `param/edits` endpoint. Plug-in.
3. Add The JinanWave CloudLink application system has a remote command execution vulnerability in the GNRemote.dll component Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3508 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3508 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3509 .

The upgrade package includes the following updates:
1. Add HJSOFT Human Resources Management System /servlet/DisplayFiles Path Arbitrary File Read Vulnerability Plug-in.
2. Add HJSOFT Human Resources Management System /uploadFile Path Arbitrary File Upload Vulnerability Plug-in.
3. Add Glodon /Services/Identification/Server/test.aspx Information Disclosure Vulnerability Plug-in.
4. Add CAIMORE Gateway /goform/formping Remote Code Execution Vulnerability Plug-in.
5. Add Ming Yuan Cloud ERP Interface Manager /myunke/ApiUpdateTool/ApiUpdate.ashx Arbitrary File Upload Vulnerability Plug-in.
6. Add Weaver E-Office /general/file_folder/file_new/neworedit/download.php Arbitrary File Read Vulnerability Plug-in.
7. Add Weaver E-Office /general/weibo/javascript/LazyUploadify/uploadify.php Arbitrary File Upload Vulnerability Plug-in.
8. Add Weaver E-Office /general/weibo/javascript/uploadify/uploadify.php Arbitrary File Upload Vulnerability Plug-in.
9. Add Weaver E-office /json_common.php SQL Injection Vulnerability Plug-in.
10. Add Weaver E-office 9.5 /E-mobile/App/System/UserSelect/index.php SQL Injection Vulnerability Plug-in.
11. Add EnterSoft Customer Resource Management System /entsoft/MailAction.entphone Arbitrary File Upload Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3507 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3507 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3508 .

The upgrade package includes the following updates:
1. Add Jeecg-Boot permission bypass vulnerability in the report component Plug-in.
2. Add Yearning exists directory traversal vulnerability (CVE-2022-27043) Plug-in.
3. Add Fang Tianyun GetCompanyItem has a SQL injection vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3506 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3506 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3507 .

The upgrade package includes the following updates:
1. Add Tianwen Property ERP System ContractDownLoad.aspx arbitrary file reading vulnerability Plug-in.
2. Add Huatian Power OA Downloader WPSFILE Arbitrary file Reading Vulnerability Plug-in.
3. Add Tongda OA privateUpload.php Front-end arbitrary file upload vulnerability Plug-in.
4. Add Tongda OA paction_upload.php front arbitrary file upload vulnerability Plug-in.
5. Add Tongda OA go.php interface has SQL injection vulnerability. Plug-in.
6. Add Tongda OA search_excel.php interface has SQL injection vulnerability. Plug-in.
7. Add Tongda OA use_finger.php interface has SQL injection vulnerability. Plug-in.
8. Add Tongda OA get_file.php has a file download vulnerability. Plug-in.
9. Add Hikvision Integrated Security Management Platform Remote Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3505 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3505 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3506 .

The upgrade package includes the following updates:
1. Add FanRuan decision/remote/design/channel Deserialization Vulnerability Plug-in.
2. Add Weaver e-cology WorkPlanService front-end SQL injection vulnerability Plug-in.
3. Add Keytop fully intelligent parking charging system Webervice.asmx arbitrary file upload vulnerability Plug-in.
4. Add Weaver E-Mobile installOperate.do has a server request forgery vulnerability. Plug-in.
5. Add The querygoodsgridbycode interface of the UFIDA NC system has a SQL injection vulnerability. Plug-in.
6. Add TOTOLINK A6000R apcli_do_enr_pin_wps REMOTE COMMAND EXECUTION VULNERABILITY Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3504 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3504 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3505 .

The upgrade package includes the following updates:
1. Add Tianwen property ERP system AreaAvatarDownLoad.aspx arbitrary file reading vulnerability Plug-in.
2. Add Glodon LinkWorks ArchiveWebService.asmx interface XML entity injection vulnerability Plug-in.
3. Add Raqsoft Reports dataSphereServlet Arbitrary File Upload Vulnerability Plug-in.
4. Add Raqsoft Reports dataSphereServlet Interface Arbitrary File Read Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3503 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3503 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3504 .

The upgrade package includes the following updates:
1. Add Venusstar Tianqing Hanma VPN Arbitrary File Read Vulnerability Plug-in.
2. Add The disable interface of G-SKY CMSV6 vehicle positioning monitoring platform has a SQL injection vulnerability Plug-in.
3. Add Seeyon OA fileUpload.do has a file upload vulnerability. Plug-in.
4. Add Seeyon AnalyticsCloud Arbitrary File Reading Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3502 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3502 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3503 .

The upgrade package add 33 plugins, including but not limited to:
1. Add Western Digital My Cloud /cgi-bin/nas_sharing.cgi Remote Command Execution Vulnerability Plug-in.
2. Add Wanhu OA /defaultroot/platform/portal/layout/common/upload.jsp Arbitrary File Upload Vulnerability Plug-in.
3. Add Wanhu OA /defaultroot/platform/portal/portlet/pic/pic.jsp SQL Injection Vulnerability Plug-in.
4. Add Wanhu OA /defaultroot/yzConvertFile/file2Html.controller Arbitrary File Upload Vulnerability Plug-in.
5. Add TG-NET Holographic AI Weak Current Network Comprehensive Operation and Maintenance Platform Remote Command Execution Vulnerability Plug-in.
6. Add Dahua Intelligent IoT Comprehensive Management Platform /evo-apigw/evo-face/personInfo/page Information Disclosure Vulnerability Plug-in.
7. Add Dahua Smart Park Comprehensive Management Platform /deleteFtp Path FastJson Remote Code Execution Vulnerability Plug-in.
8. Add Dahua Smart Park Comprehensive Management Platform /emap/webservice/gis/soap/bitmap Arbitrary File Upload Vulnerability Plug-in.
9. Add Dahua Smart Park Comprehensive Management Platform /emap/webservice/gis/soap/poi Path Arbitrary File Upload Vulnerability Plug-in.
10. Add Dahua Smart Park Comprehensive Management Platform /ipms/barpay/pay Path FastJson Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3501 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3501 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3502 .

The upgrade package includes the following updates:
1. Add JeecgBoot /commonController.do Arbitrary File Upload Vulnerability Plug-in.
2. Add Panabit iXCache /cgi-bin/Maintain/date_config Remote Command Execution Vulnerability Plug-in.
3. Add Panabit Log System /sy_addmount.php Path Remote Command Execution Vulnerability Plug-in.
4. Add TongdaOA share/handle.php File SQL Injection Vulnerability Plug-in.
5. Add VMware vCenter Server /eam/vib Path Arbitrary File Read Vulnerability Plug-in.
6. Add IDocView /system/cmd.json Arbitrary Command Execution Vulnerability Plug-in.
7. Add Imo Cloud Office System /get_file.php Path Remote Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3500 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3500 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3501 .

The upgrade package includes the following updates:
1. Add Seeyon OA saveFormula4Cloud Interface JNDI Injection Vulnerability Plug-in.
2. Add EASFENET Document Security Management System SaveCDGPermissionFromGFOA SQL Injection Vulnerability Plug-in.
3. Add HJSOFT HCM pos_dept_post Interface SQL Injection Vulnerability Plug-in.
4. Add Yonyou NC doPost Interface SQL Injection Vulnerability Plug-in.
5. Add Weaver E-Cology Arbitrary File Read Vulnerability Plug-in.
6. Add h3c secparh Bastion Machine /audit/data_provider.php Command Execution Plug-in.
7. Add Geovision IP Camera /PictureCatch.cgi Path Remote Command Execution Plug-in.
8. Add H3C Enterprise-Level Router /goform/aspForm Remote Code Execution Vulnerability Plug-in.
9. Add iDocView /html/2word Remote Code Execution Vulnerability Plug-in.
10. Add NetMizer Traffic Management System cmd.php Remote Command Execution Vulnerability Plug-in.
11. Add REALOR GWT System GetBSAppUrl SQL Injection Vulnerability Plug-in.
12. Add GeoServer wfs Remote Command Execution Vulnerability (CVE-2024-36401) Plug-in.
13. Add Dahua DSS Digital Surveillance System-user_edit.action-Information Disclosure Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.34* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3500 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.3401.dat to rsas-vulweb-V6.0R02F00.3407.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3406 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3406 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3407 .

The upgrade package includes the following updates:
1. Add Hikvision Comprehensive Security Management Platform applyAutoLoginTicket Remote Code Execution Vulnerability Plug-in.
2. Add Meite CRM upload.jsp File Upload RCE Vulnerability Plug-in.
3. Add Yonyou Chanjet TPlus-keyEdit.aspx SQL Injection Vulnerability Plug-in.
4. Add Ruijie RG-EW1200G Wireless Router Login Bypass Vulnerability (CVE-2023-4415) Plug-in.
5. Add HJSOFT e-HR showmedia.jsp SQL Injection Vulnerability Plug-in.
6. Add Hikvision Comprehensive Security Management Platform download Arbitrary File Read Vulnerability Plug-in.
7. Add Apache OFBiz Path Traversal Vulnerability (CVE-2024-36104) Plug-in.
8. Add Check Point Security Gateway Information Disclosure Vulnerability (CVE-2024-24919) Plug-in.
9. Add PHP-CGI Parameter Injection Vulnerability (CVE-2024-4577) Plug-in.
10. Add Yonyou NC System downCourseWare Arbitrary File Read Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3405 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3405 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3406 .

The upgrade package includes the following updates:
1. Add XWiki Platform Remote Code Execution Vulnerability (CVE-2023-37462) Plug-in.
2. Add modoboa Permission Bypass Vulnerability (CVE-2023-0777) Plug-in.
3. Add HJSOFT e-HR showmediainfo SQL Injection Vulnerability Plug-in.
4. Add Nexus Repository Path Traversal Vulnerability (CVE-2024-4956) Plug-in.
5. Add Gradio Server-Side Request Forgery Vulnerability (CVE-2024-1183) Plug-in.
6. Add H2O Server Unauthorized File Read Vulnerability (CVE-2023-6038) Plug-in.
7. Add Yonyou U8 cloud System XChangeServlet Interface XXE Vulnerability Plug-in.
8. Add Weaver e-cology jqueryFileTree.jsp Directory Traversal Vulnerability Plug-in.
9. Add HJSOFT eHR OutputCode Interface Arbitrary File Read Vulnerability Plug-in.
10. Add HJSOFT eHR fieldsettree Interface SQL injection vulnerability Plug-in.
11. Add Yonyou NC complainbilldetail Interface SQL Injection Vulnerability Plug-in.
12. Add Yonyou NC downTax/download Interface SQL Injection Vulnerability Plug-in.
13. Add Yonyou NC warningDetailInfo Interface SQL Injection Vulnerability Plug-in.
14. Add Yonyou NC linkVoucher Interface SQL Injection Vulnerability Plug-in.
15. Add WanHu OA text2Html Arbitrary File Read Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3404 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3404 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3405 .

The upgrade package includes the following updates:
1. Add REALOR GWT System SQL Injection Vulnerability Plug-in.
2. Add REALOR GWT System Remote Code Execution Vulnerability Plug-in.
3. Add Grafana Permission Bypass Vulnerability (CVE-2021-27358) Plug-in.
4. Add Gradio Unauthorized File Read Vulnerability (CVE-2024-1561) Plug-in.
5. Add Yonyou U8 CRM Customer Relationship Management System Arbitrary File Upload Vulnerability Plug-in.
6. Add EASFENET Document Security Management System Arbitrary File Read Vulnerability Plug-in.
7. Add Weaver OA E-Cology ResourceServlet Arbitrary File Read Vulnerability Plug-in.
8. Add Yonyou NC registerServlet JNDI Remote Code Execution Vulnerability Plug-in.
9. Add EASFENET Document Security Management System Arbitrary File Read Vulnerability Plug-in.
10. Add Dahua Intelligent IoT Comprehensive Management Platform FastJson Code Execution Vulnerability Plug-in.
11. Add Gradio Path Traversal Vulnerability (CVE-2024-1728) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3403 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3403 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3404 .

The upgrade package includes the following updates:
1. Add Target Site Detected to Have Tomcat docs Document Exposure Issue Plug-in.
2. Add Yonyou PaWfm2 Interface SQL Injection Vulnerability Plug-in.
3. Add Vertaai/modeldb Related Path Traversal Vulnerability (CVE-2023-6023) Plug-in.
4. Add Primeton EOS Platform eos.jmx Interface Deserialization Vulnerability Plug-in.
5. Add ZenTao zentaosid Authentication Bypass Vulnerability Plug-in.
6. Add MingSoft CMS list Interface SQL Injection Vulnerability Plug-in.
7. Add WordPress EventON Plugin Unauthorized Information Disclosure Vulnerability (CVE-2024-0235) Plug-in.
8. Add ReCrystallize Server Unbound Session Authentication Vulnerability (CVE-2024-26331) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3402 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3402 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3403 .

The upgrade package includes the following updates:
1. Add MLflow Path Traversal Vulnerability (CVE-2023-6909) Plug-in.
2. Add ConnectWise ScreenConnect Authentication Bypass Vulnerability (CVE-2024-1709) Plug-in.
3. Add GraphQL API Data Leak Vulnerability (CVE-2021-4191) Plug-in.
4. Add Tenda 11N Router Login Authentication Bypass Vulnerability (CVE-2022-42233) Plug-in.
5. Add Zabbix Authorization Bypass Vulnerability (CVE-2022-23134) Plug-in.
6. Add Dogtag PKI XML External Entity Injection Vulnerability (CVE-2022-2414) Plug-in.
7. Add WordPress W3 Total Cache Plugin Sensitive Information Disclosure Vulnerability (CVE-2019-6715) Plug-in.
8. Add MLflow Path Traversal Vulnerability (CVE-2023-1177) Plug-in.
9. Add MLflow Server File Overwrite Vulnerability (CVE-2023-6018) Plug-in.
10. Add MLflow Sensitive File Read Vulnerability (CVE-2023-6977) Plug-in.
11. Add Mlflow Local File Read Vulnerability (CVE-2023-2780) Plug-in.
12. Add MLflow Path Traversal Vulnerability (CVE-2023-2356) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3401 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3401 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3402 .

The upgrade package includes the following updates:
1. Add Palo Alto Networks PAN-OS Command Injection Vulnerability (CVE-2024-3400) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3400 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3400 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3401 .

The upgrade package add 23 plugins, including but not limited to:
1. Add InsydeH2O System Management Privilege Escalation Vulnerability (CVE-2020-2733) Plug-in.
2. Add openSIS Student Information Management System SQL Injection Vulnerability (CVE-2020-6637) Plug-in.
3. Add WSO2 API Manager XML External Entity Injection Vulnerability (CVE-2020-24589) Plug-in.
4. Add Seomatic Template Injection Vulnerability (CVE-2020-9757) Plug-in.
5. Add Ivanti Endpoint Manager Unauthenticated User Arbitrary Code Execution Vulnerability (CVE-2021-44529) Plug-in.
6. Add Gogs Repository File Upload Remote Code Execution Vulnerability (CVE-2022-0415) Plug-in.
7. Add WordPress Metform Plugin Improper Access Control Vulnerability (CVE-2022-1442) Plug-in.
8. Add ComfyUI Unauthorized File Read Vulnerability Plug-in.
9. Add Adobe ColdFusion Arbitrary File Read Vulnerability (CVE-2024-20767) Plug-in.
10. Add JEEWMS JDBC Deserialization Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.33* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3400 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.3301.dat to rsas-vulweb-V6.0R02F00.3306.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3305 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3305 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3306 .

The upgrade package includes the following updates:
1. Add HONGFAN iOffice ioDesktopData.asmx Interface SQL Injection Vulnerability Plug-in.
2. Add HJSOFT eHR Human Resources Management Software Arbitrary File Read Vulnerability Plug-in.
3. Add NextChat Server-Side Request Forgery and Cross-Site Scripting Vulnerabilities (CVE-2023-49785) Plug-in.
4. Add Yonyou NC saveDoc.ajax Arbitrary File Upload Vulnerability Plug-in.
5. Add WordPress WP Google Maps Plugin Improper Input Validation Vulnerability (CVE-2019-10692) Plug-in.
6. Add Gutenberg Template Library Unauthorized Sensitive Information Disclosure Vulnerability (CVE-2021-38314) Plug-in.
7. Add BackupBuddy Plugin Path Traversal Vulnerability (CVE-2022-31474) Plug-in.
8. Add Jira STAGIL Navigation Plugin Path Traversal Vulnerability (CVE-2023-26256) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3304 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3304 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3305 .

The upgrade package includes the following updates:
1. Add Aiohttp Path Traversal Vulnerability (CVE-2024-23334) Plug-in.
2. Add NocoDB Arbitrary File Access Vulnerability (CVE-2023-35843) Plug-in.
3. Add Bricks Remote Code Execution Vulnerability (CVE-2024-25600) Plug-in.
4. Add Landray EIS rpt_listreport_definefield.aspx SQL Injection Vulnerability Plug-in.
5. Add Yonyou U9 UMWebService.asmx Arbitrary File Read Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3303 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3303 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3304 .

The upgrade package includes the following updates:
1. Add Foodbakery Plugin Cross-Site Scripting Vulnerability (CVE-2021-24389) Plug-in.
2. Add WordPress Plugin WOOF Cross-Site Scripting Vulnerability (CVE-2021-25085) Plug-in.
3. Add WordPress Plugin WOOCS Cross-Site Scripting Vulnerability (CVE-2022-0234) Plug-in.
4. Add mooSocial Cross-Site Scripting Vulnerability (CVE-2023-43325) Plug-in.
5. Add mooSocial Email Functionality Cross-Site Scripting Vulnerability (CVE-2023-43326) Plug-in.
6. Add mooSocial Cross-Site Scripting Vulnerability (CVE-2023-45542) Plug-in.
7. Add Hikvision Integrated Security Management Platform Arbitrary File Read Vulnerability Plug-in.
8. Add Gold and OA jc6 GetAttOut Interface SQL Injection Vulnerability Plug-in.
9. Add Legendsec SecGate3600 sys_hand_upfile Arbitrary File Upload Vulnerability Plug-in.
10. Add Huawei Auth-Http Server File Read Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3302 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3302 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3303 .

The upgrade package includes the following updates:
1. Add Cross-Source Resource Sharing Insecure Configuration Vulnerability Plug-in.
2. Add Jenkins Unauthorized File Read Vulnerability (CVE-2024-23897) Plug-in.
3. Add Confluence Remote Code Execution Vulnerability (CVE-2023-22527) Plug-in.
4. Add Seeyon OA M3 Server Deserialization Remote Code Execution Vulnerability Plug-in.
5. Add WordPress Embed Swagger Plugin Cross-Site Scripting Vulnerability (CVE-2022-0381) Plug-in.
6. Add WordPress Pricing Tables Plugin Cross-Site Scripting Vulnerability (CVE-2022-1904) Plug-in.
7. Add WordPress Stock Ticker Plugin Cross-Site Scripting Vulnerability (CVE-2022-45365) Plug-in.
8. Add Spotweb SpotPage_login.php Cross-Site Scripting Vulnerability (CVE-2021-43725) Plug-in.
9. Add Verint Workforce Optimization Cross-Site Scripting Vulnerability (CVE-2021-36450) Plug-in.
10. Add Adobe ColdFusion Improper Access Control Vulnerability (CVE-2023-26347) Plug-in.
11. Add Adobe Connect Improper Access Control Vulnerability (CVE-2023-22232) Plug-in.
12. Add Apache OFBiz Path Traversal Vulnerability (CVE-2022-47501) Plug-in.
13. Add Appspace Server-Side Request Forgery Vulnerability (CVE-2021-27670) Plug-in.
14. Add Atmail Cross-Site Scripting Vulnerability (CVE-2021-43574) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3301 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3301 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3302 .

The upgrade package includes the following updates:
1. Add Fastjson Deserialization Remote Code Execution Vulnerability (CVE-2022-25845) Plug-in.
2. Add Yonyou U8 Cloud SQL Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3300 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3300 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3301 .

The upgrade package add 41 plugins, including but not limited to:
1. Add BeyondTrust Remote Support Cross-Site Scripting Vulnerability (CVE-2021-31589) Plug-in.
2. Add erxes Cross-Site Scripting Vulnerability (CVE-2021-32853) Plug-in.
3. Add Thruk status.cgi Cross-Site Scripting Vulnerability (CVE-2021-35488) Plug-in.
4. Add OpenSIS-Classic Cross-Site Scripting Vulnerability (CVE-2021-40542) Plug-in.
5. Add Grafana AngularJS URL Validation Cross-Site Scripting Vulnerability (CVE-2021-41174) Plug-in.
6. Add WordPress Payments Plugin Registration Activation Code XSS Vulnerability (CVE-2021-24239) Plug-in.
7. Add Aryanic HighMail User Field Cross-Site Scripting (XSS) Vulnerability (CVE-2020-23517) Plug-in.
8. Add QuiXplorer Cross-Site Scripting Vulnerability (CVE-2020-24902) Plug-in.
9. Add Clansphere CMS Module Parameter Security Vulnerability (CVE-2021-27309) Plug-in.
10. Add Mautic Password Reset Page Cross-Site Scripting Vulnerability (CVE-2021-27909) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.32* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3300 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.3201.dat to rsas-vulweb-V6.0R02F00.3206.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3205 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3205 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3206 .

The upgrade package includes the following updates:
1. Add Apache OFBiz Pre-Authorization Code Injection Vulnerability (CVE-2023-49070) Plug-in.
2. Add Seeyon OA wpsAssistServlet Arbitrary File Read Vulnerability Plug-in.
3. Add EASFENET Document Security Management System Remote Code Execution Vulnerability Plug-in.
4. Add EASFENET Document Security Management System dlUltrasec File Read Vulnerability Plug-in.
5. Add Monstra CMS Registry Cross-Site Scripting Vulnerability (CVE-2018-11473) Plug-in.
6. Add BIBLIOsoft BIBLIOpac Cross-Site Scripting Vulnerability (CVE-2018-16139) Plug-in.
7. Add WordPress JSmol2WP Plugin Cross-Site Scripting Vulnerability (CVE-2018-20462) Plug-in.
8. Add Apache HTTP Server mod_proxy Module Cross-Site Scripting Vulnerability (CVE-2019-10092) Plug-in.
9. Add CloudBees Jenkins Build-Metrics Cross-Site Scripting Vulnerability (CVE-2019-10475) Plug-in.
10. Add Carel pCOWeb Cross-Site Scripting Vulnerability (CVE-2019-11370) Plug-in.
11. Add phpMyAdmin Cross-Site Request Forgery Vulnerability (CVE-2019-12616) Plug-in.
12. Add SugarCRM Cross-Site Scripting Vulnerability (CVE-2019-14974) Plug-in.
13. Add CTHthemes Theme Cross-Site Scripting Vulnerability (CVE-2019-20210) Plug-in.
14. Add WordPress Sell Media Cross-Site Scripting Vulnerability (CVE-2019-6112) Plug-in.
15. Add Nortek Security and Control Linear eMerge E3-Series Cross-Site Scripting Vulnerability (CVE-2019-7255) Plug-in.
16. Add Bitrix24 Web Application Firewall Cross-Site Scripting Vulnerability (CVE-2020-13483) Plug-in.
17. Add WordPress Nova Lite Theme Cross-Site Scripting Vulnerability (CVE-2020-17362) Plug-in.
18. Add qdPM Database Configuration Cross-Site Scripting Vulnerability (CVE-2020-19515) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3204 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3204 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3205 .

The upgrade package includes the following updates, a total of 61 scanning plugins were added, including but not limited to:
1. Add PostgreSQL Information Disclosure Vulnerability (CVE-2023-4714) Plug-in.
2. Add Viessmann Vitogate 300 Authentication Bypass Vulnerability (CVE-2023-45852) Plug-in.
3. Add WordPress Visual Form Builder Improper Access Control Vulnerability (CVE-2022-0140) Plug-in.
4. Add WordPress WP Accessibility Helper Cross-Site Scripting Vulnerability (CVE-2022-0150) Plug-in.
5. Add WordPress Page Builder KingComposer Improper Input Validation Vulnerability (CVE-2022-0165) Plug-in.
6. Add WordPress White Label CMS Plugin Cross-Site Scripting Vulnerability (CVE-2022-0422) Plug-in.
7. Add Mastodon Attribute Confusion Vulnerability (CVE-2022-0432) Plug-in.
8. Add WordPress Shareaholic Information Disclosure Vulnerability (CVE-2022-0594) Plug-in.
9. Add Packagist Microweber Input Validation Vulnerability (CVE-2022-0597) Plug-in.
10. Add WordPress Master Elements SQL Injection Vulnerability (CVE-2022-0693) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3203 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3203 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3204 .

The upgrade package includes the following updates:
1. Add WordPress CMP-Coming Soon & Maintenance Plugin Information Disclosure Vulnerability (CVE-2023-1263) Plug-in.
2. Add imgproxy Cross-Site Scripting Vulnerability (CVE-2023-1496) Plug-in.
3. Add WordPress MStore API Plugin Authentication Bypass Vulnerability (CVE-2023-2732) Plug-in.
4. Add Weaver E-Office Arbitrary File Access Vulnerability (CVE-2023-2766) Plug-in.
5. Add Art Gallery Management System Reflective XSS Vulnerability (CVE-2023 23161) Plug-in.
6. Add WordPress Quick Event Manager Plugin Cross-Site Scripting Vulnerability (CVE-2023-23491) Plug-in.
7. Add Citrix ADC and Citrix Gateway Cross-Site Scripting Vulnerability (CVE-2023-24488) Plug-in.
8. Add Adobe ColdFusion Access Control Vulnerability (CVE-2023-29298) Plug-in.
9. Add OURPHP ourphp_tz.php Cross-Site Scripting Vulnerability (CVE-2023-30210) Plug-in.
10. Add Webkil QloApps Cross-Site Scripting Vulnerability (CVE-2023-30256) Plug-in.
11. Add Gibbon Local File Inclusion Vulnerability (CVE-2023-34598) Plug-in.
12. Add Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability (CVE-2023-35078) Plug-in.
13. Add Ivanti EPMM Authentication Bypass Vulnerability (CVE-2023-35082) Plug-in.
14. Add Webkul QloApps Cross-Site Scripting Vulnerability (CVE-2023-36287) Plug-in.
15. Add Adiscon LogAnalyzer Cross-Site Scripting Vulnerability (CVE-2023-36306) Plug-in.
16. Add POS Codekop Cross-Site Scripting Vulnerability (CVE-2023-36346) Plug-in.
17. Add Juniper Networks Junos OS EX J-Web Remote Command Execution Vulnerability (CVE-2023-36845) Plug-in.
18. Add CasaOS Improper Access Control Vulnerability (CVE-2023-37265) Plug-in.
19. Add Odoo Cross-Site Scripting Vulnerability (CVE-2023-1434) Plug-in.
20. Add Milespight Industrial Cellular Router Log Information Disclosure Vulnerability (CVC-2023-43261) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3202 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3202 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3203 .

The upgrade package includes the following updates:
1. Add Atlassian Confluence Data Center and Server Authorization Vulnerability (CVE-2023-22518) Plug-in.
2. Add ThinkPHP 5.0.24 Information Disclosure Vulnerability (CVE-2022-25481) Plug-in.
3. Add Microweber Cross-Site Scripting Vulnerability (CVE-2023-5244) Plug-in.
4. Add Nortek Control eMerge E3 Series Access Controller XSS Vulnerability (CVE-2022-46381) Plug-in.
5. Add MDaemon Security Gateway XML Injection Vulnerability (CVE-2022-25356) Plug-in.
6. Add TCExam Information Disclosure Vulnerability (CVE-2021-20114) Plug-in.
7. Add Advantech R-SeeNet ssh_form.php Cross-Site Scripting Vulnerability (CVE-2021-21800) Plug-in.
8. Add Advantech R-SeeNet Cross-Site Scripting Vulnerability (CVE-2021-21799) Plug-in.
9. Add Advantech R-SeeNet Cross-Site Scripting Vulnerability (CVE-2021-21801) Plug-in.
10. Add Advantech R-SeeNet Cross-Site Scripting Vulnerability (CVE-2021-21802) Plug-in.
11. Add Advantech R-SeeNet Cross-Site Scripting Vulnerability (CVE-2021-21803) Plug-in.
12. Add Advantech R-SeeNet Command Injection Vulnerability (CVE-2021-21805) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3201 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3201 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3202 .

The upgrade package includes the following updates:
1. Add IceWarp Mail Server Open Redirect Vulnerability (CVE-2021-36580) Plug-in.
2. Add IceWarp WebClient Remote Code Execution Vulnerability (CVE-2023-39598) Plug-in.
3. Add IceWarp Cross-Site Scripting Vulnerability (CVE-2023-39600) Plug-in.
4. Add Zyxel VMG1312-B10D Directory Traversal Vulnerability (CVE-2018-19326) Plug-in.
5. Add WordPress tidio-form Plugin Arbitrary Scripting Injection Vulnerability (CVE-2016-1000152) Plug-in.
6. Add WordPress page-layout-builder Plugin Cross-site Scripting Vulnerability (CVE-2016-1000141) Plug-in.
7. Add H3C ER Series Path Traversal Vulnerability (CVE-2023-5142) Plug-in.
8. Add Seeyon OA XML External Entity Injection Vulnerability Plug-in.
9. Add JeecgBoot JimuReport Template Injection Vulnerability (CVE-2023-4450) Plug-in.
10. Add Adminer SSRF Vulnerability (CVE-2021-21311) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3200 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3200 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3201 .

The upgrade package includes the following updates:
1. Add DAS-SECURITY Operation and Maintenance Audit and Risk Control System SSRF Vulnerability Plug-in.
2. Add WAVLINK WN535 G3 Cross-Site Scripting Vulnerability (CVE-2022-30489) Plug-in.
3. Add Apache Superset Access Control Vulnerability (CVE-2023-27524) Plug-in.
4. Add Icinga Web 2 Unauthorized File Disclosure Vulnerability (CVE-2022-24716) Plug-in.
5. Add Grafana Permission Bypass Vulnerability (CVS 2021-39226) Plug-in.
6. Add Microsoft Exchange Server Code Injection Vulnerability (CVE-2021-31195) Plug-in.
7. Add ZyXEL ZyWAL Cross-Site Scripting Vulnerability (CVS 2021-46387) Plug-in.
8. Add PowerJob Unauthorized Access Vulnerability (CVE-2023-29922) Plug-in.
9. Add Lightdash Directory Traversal Vulnerability (CVE-2023-35844) Plug-in.
10. Add CRM Perks Form Cross-Site Scripting Vulnerability (CVE-2022-38467) Plug-in.
11. Add FUDForum Cross-Site Scripting Vulnerability (CVE-2021-27519) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.31* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3200 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.3101.dat to rsas-vulweb-V6.0R02F00.3110.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3109 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3109 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3110 .

The upgrade package includes the following updates:
1. Add Roxy-WI Remote Injection Vulnerability (CVE-2022-31126) Plug-in.
2. Add Open edX Cross-Site Scripting (XSS) Vulnerability (CVE-2022-32195) Plug-in.
3. Add TerraMaster TOS Unauthorized Remote Command Execution Vulnerability (CVE-2022-24990) Plug-in.
4. Add Seeyon OA Password Modification Interface Unauthorized Access Vulnerability Plug-in.
5. Add JumpServer Information Disclosure Vulnerability Plug-in.
6. Add Yonyou GRP-U8 bx_historyDataCheck.jsp SQL Injection Vulnerability Plug-in.
7. Add PowerJob Permission Control Vulnerability (CVE-2023-29923) Plug-in.
8. Add Traggo Server Directory Traversal Vulnerability (CVE-2023-34843) Plug-in.
9. Add Patreon WordPress Plugin Information Disclosure Vulnerability (CVE-2021-24227) Plug-in.
10. Add nacos Permission Bypass Vulnerability (CVE-2021-29442) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3108 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3108 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3109 .

The upgrade package includes the following updates:
1. Add SourceMap Source Code File Disclosure Vulnerability Plug-in.
2. Add Jeecg-Boot Unauthorized SQL Injection Vulnerability (CVE-2023-1454) Plug-in.
3. Add Chanjet T+ Remote Command Execution Vulnerability Plug-in.
4. Add CNPOWER OA Arbitrary File Upload Vulnerability Plug-in.
5. Add CNPOWER OA Collaborative Office System Arbitrary File Read Vulnerability Plug-in.
6. Add DBSEC OA C6 Arbitrary File Read Vulnerability Plug-in.
7. Add Sangfor AD Report System Arbitrary File Read Vulnerability Plug-in.
8. Add Sangfor AD Management System Unauthorized Access Vulnerability Plug-in.
9. Add Shikong Zhiyou Enterprise Process Control System Login File Read Vulnerability Plug-in.
10. Add LiveBOS ShowImage.do Arbitrary File Read Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3107 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3107 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3108 .

The upgrade package includes the following updates:
1. Add Blue Sea Zhuo Yue Billing Management System Debug RCE Vulnerability Plug-in.
2. Add Landray EKP Unauthorized Access Vulnerability Plug-in.
3. Add TOTOLINK LR350 Command Injection Vulnerability (CVE-2023-37148) Plug-in.
4. Add CTI Monitoring and Warning System Database Disclosure Vulnerability Plug-in.
5. Add CTI Monitoring and Warning System FileDownLoad Arbitrary File Read Vulnerability Plug-in.
6. Add EASFENET importFileType Arbitrary File Upload Vulnerability Plug-in.
7. Add CNPOWER OA 8000 workFlowService SQL Injection Vulnerability Plug-in.
8. Add NewCapec Smart Campus System freemaker Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3106 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3106 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3107 .

The upgrade package includes the following updates:
1. Add Zhiyuan OA 8 Front Office XXE Vulnerability Plug-in.
2. Add Kingdee Cloud Starry Sky Arbitrary File Reading Vulnerability Plug-in.
3. Add Ruijie NBR Router Arbitrary File Upload Vulnerability Plug-in.
4. Add Dahua Smart Park User Password Disclosure Vulnerability Plug-in.
5. Add Dahua Smart Park Comprehensive Management Platform searchJson SQL Injection Vulnerability Plug-in.
6. Add Qiming Star 4A Unified Security Control Platform Information Leakage Plug-in.
7. Add Jinhe OA C6 GetSqlData.aspx SQL Injection Vulnerability Plug-in.
8. Add Feiqi Internet FE Business Collaboration Platform ShowImageServlet File Reading Vulnerability Plug-in.
9. Add Ruijie Switch WEB Management System EXCU_ SHELL Information Disclosure Vulnerability Plug-in.
10. Add seeyon NC wsncapplet.jsp Information Disclosure Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3105 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3105 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3106 .

The upgrade package includes the following updates:
1. Add Tianqing Terminal Security Management System Log Leakage Vulnerability Plug-in.
2. Add Remote Command Execution Vulnerability in Zhiyuan OA M1Server Plug-in.
3. Add WeCRM SQL injection vulnerability Plug-in.
4. Add Wantit ERP remote command execution vulnerability. Plug-in.
5. Add . Plug-in.
6. Add Stakater Forecastle Path Traversal Vulnerability (CVE-2023-402) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3104 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3104 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3105 .

The upgrade package includes the following updates:
1. Add Glodon OA Collaborative Office System Frontend SQL Injection Vulnerability Plug-in.
2. Add WeChat Management Platform Unauthorized Access Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3103 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3103 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3104 .

The upgrade package includes the following updates:
1. Add Dahua Smart Park Integrated Management Platform File Upload Vulnerability. Plug-in.
2. Add MLflow Path Traversal Vulnerability (CVE-2023-3765) Plug-in.
3. Add Mingyu Security Gateway Remote Command Execution(CNVD-2023-03898). Plug-in.
4. Add Yonyou Mobile Management System Arbitrary File Upload Vulnerability Plug-in.
5. Add Hikvision Integrated Security Management Platform env Information Leakage Vulnerability Plug-in.
6. Add Hikvision Integrated Security Management Platform Report Arbitrary File Upload Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3102 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3102 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3103 .

The upgrade package includes the following updates:
1. Add Metabase Remote Command Execution Vulnerability (CVE-2023-38646) Plug-in.
2. Add H3C SSL VPN Cross-Site Scripting Vulnerability (CVE-2022-35416) Plug-in.
3. Add Kingdee ERP Remote Code Execution Vulnerability Plug-in.
4. Add Yonyou FE Collaborative Office Platform Directory Traversal Vulnerability. Plug-in.
5. Add Hjsoft eHR Arbitrary File Upload Vulnerability Plug-in.
6. Add Weaver E-Office Arbitrary File Upload Vulnerability (CVE-2023-2523) Plug-in.
7. Add Weaver Arbitrary File Upload Vulnerability (CVE-2023-2648) Plug-in.
8. Add H3C Multiple Series Products Remote Command Execution Vulnerability Plug-in.
9. Add Yonghong BI Report Foreground Arbitrary File Reading Plug-in.
10. Add Sangfor Application Delivery Management System login remote command execution vulnerability. Plug-in.
11. Add HiKVISION iSecure Center arbitrary file upload vulnerability. Plug-in.
12. Add Hand SRM login bypass vulnerability Plug-in.
13. Add SecSSL 3600 Security Access Gateway System Unauthorized Access Vulnerability Plug-in.
14. Add SecGate 3600 firewall obj_app_upfile arbitrary file upload vulnerability Plug-in.
15. Add Nacos has weak password Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3101 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3101 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3102 .

The upgrade package includes the following updates:
1. Add Grafana Credential Disclosure Vulnerability (CVE-2022-26148) Plug-in.
2. Add Smartbi Built-in User Login Bypass Vulnerability Plug-in.
3. Add PbootCMS Code Injection Vulnerability (CVE-2022-32417) Plug-in.
4. Add Dynamicweb Remote Command Execution Vulnerability (CVE-2022-25369) Plug-in.
5. Add VoIPmonitor SQL Injection Vulnerability (CVE-2022-24260) Plug-in.
6. Add WAVLINK System Command Injection Vulnerability (CVE-2022-2486) Plug-in.
7. Add WordPress Mailpress Plugin Remote Code Execution Vulnerability Plug-in.
8. Add Zoho ManageEngine ADSelfService Plus XSS Injection Vulnerability (CVE-2022-24681) Plug-in.
9. Add i3Geo Local File Inclusion Vulnerability (CVE-2022-32409) Plug-in.
10. Add Keycloak XSS Vulnerability (CVE-2021-20323) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3100 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3100 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3101 .

The upgrade package includes the following updates:
1. Add NETGEAR ProSafe SSL VPN Firmware FVS336G SQL Injection Vulnerability (CVE-2022-29383) Plug-in.
2. Add Oracle E-Business Suite Unauthorized File Upload Vulnerability (CVS 2022-21587) Plug-in.
3. Add Weaver OA E-Office 10 File Read Vulnerability Plug-in.
4. Add Weaver OA E-Office webservice File Read Vulnerability Plug-in.
5. Add Zhejiang Uniview Network Video Recorder Remote Command Execution Vulnerability Plug-in.
6. Add PowerCreator CMS Arbitrary File Upload Vulnerability Plug-in.
7. Add WordPress Page View Count Plugin SQL Injection vulnerability (CVE-2022-0434) Plug-in.
8. Add Contec SolarView Compact Command Injection Vulnerability (CVE-2023-23333) Plug-in.
9. Add WAVLINK System Command Injection Vulnerability (CVE-2022-2488) Plug-in.
10. Add Zyxel USG Unauthorized Access Vulnerability (CVE-2022-0342) Plug-in.
11. Add Seeyon OA wpsAssistServlet Arbitrary File Upload Vulnerability Plug-in.
12. Add Weaver E-cology Frontend SQL Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.30* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3100 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.3001.dat to rsas-vulweb-V6.0R02F00.3007.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3006 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3006 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3007 .

The upgrade package includes the following updates:
1. Add AVEVA InTouch Access Anywhere Local File Inclusion (CVE-2022-23854) Plug-in.
2. Add ZK Framework Information Disclosure Vulnerability (CVE-2022-36537) Plug-in.
3. Add WRTeam eShop Cross-Site Scripting Vulnerability (CVE-2022-35493) Plug-in.
4. Add ZOHO ManageEngine Password Manager Pro Security Vulnerability (CVE-2022-35405) Plug-in.
5. Add kkFileView Cross-Site Scripting Vulnerability (CVE-2022-35151) Plug-in.
6. Add WAVLINK WN530HG4 Information Disclosure Vulnerability (CVE-2022-34047) Plug-in.
7. Add WAVLINK WN533A8 Information Disclosure Vulnerability (CVE-2022-34046) Plug-in.
8. Add WWBN AVideo Cross-Site Scripting Vulnerability (CVE-2022-32772) Plug-in.
9. Add WWBN AVideo Cross-Site Scripting Vulnerability (CVE-2022-32771) Plug-in.
10. Add WWBN AVideo Cross-Site Scripting Vulnerability (CVE-2022-32770) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3005 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3005 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3006 .

The upgrade package includes the following updates:
1. Add Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315) Plug-in.
2. Add Repetier Server Path Traversal Vulnerability (CVE-2023-31059) Plug-in.
3. Add Securepoint Unified Threat Management Security Vulnerability (CVS 2023-22897) Plug-in.
4. Add ReQlogic Cross-Site Scripting Vulnerability (CVE-2022-41441) Plug-in.
5. Add kkFileView Cross-Site Scripting Vulnerability (CVE-2022-40879) Plug-in.
6. Add L-Soft LISTSERV Cross-Site Scripting Vulnerability (CVE-2022-39195) Plug-in.
7. Add Academy Learning Management System Cross-Site Scripting Vulnerability (CVE-2022-38553) Plug-in.
8. Add ServiceNow San Diego Patch Cross-Site Scripting Vulnerability (CVS 2022-38463) Plug-in.
9. Add Jenkins Git Plugin Security Vulnerability (CVE-2022-36883) Plug-in.
10. Add Atlassian Bitbucket Server Command Injection Vulnerability (CVE-2022-36804) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3004 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3004 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3005 .

The upgrade package includes the following updates:
1. Add Oracle JavaServer Faces Directory Traversal Vulnerability (CVE-2013-3827) Plug-in.
2. Add HJSOFT Human Resources Management System SQL Injection Vulnerability (CNVD-2023-08743) Plug-in.
3. Add kkFileView Server-Side Request Forgery Vulnerability (CVE-2022-43140) Plug-in.
4. Add FUDForum Cross-Site Scripting Vulnerability (CVE-2021-27520) Plug-in.
5. Add Ghost Path Traversal Vulnerability (CVE-2023-32235) Plug-in.
6. Add OURPHP Cross-Site Scripting Vulnerability (CVE-2023-30212) Plug-in.
7. Add Cpanel Cross-Site Scripting Vulnerability (CVE-2023-29489) Plug-in.
8. Add ATutor Cross-Site Scripting Vulnerability (CVE-2023-27008) Plug-in.
9. Add Gimmie vBulletin Remote Code Execution Vulnerability (CVE-2023-25135) Plug-in.
10. Add ThinkPHP File Inclusion Vulnerability (CVE-2022-47945) Plug-in.
11. Add Masa CMS Authentication Bypass Vulnerability (CVE-2022-47002) Plug-in.
12. Add kkFileView Cross-Site Scripting Vulnerability (CVE-2022-46934) Plug-in.
13. Add Default Password in MinIO Plug-in.
14. Add Weak Password in MinIO Plug-in.
15. Add Unauthorized Access in SRS Console Plug-in.
16. Add Weaver OA ofsLogin.jsp information leakage and front-end arbitrary user login vulnerability Plug-in.
17. Add Yonyou NC Deserialization Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3003 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3003 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3004 .

The upgrade package includes the following updates:
1. Add GitLab CE/EE Hardcoded Credentials (CVE-2022-1162) Plug-in.
2. Add GitLab CE/EE Remote Code Execution Vulnerability (CVE-2022-2185) Plug-in.
3. Add HashiCorp Consul/Consul Enterprise Server-side Request Forgery Vulnerability (CVE-2022-29153) Plug-in.
4. Add KkFileView 4.0.0 XSS Vulnerability (CVE-2022-29349) Plug-in.
5. Add Microweber before 1.2.11 XSS Vulnerability (CVE-2022-0678) Plug-in.
6. Add QNAP QTS Local File Inclusion Vulnerability (CVE-2022-27593) Plug-in.
7. Add Sophos Firewall through 18.5 MR3 Remote Code Execution Vulnerability (CVE-2022-1040) Plug-in.
8. Add WordPress Directorist before 7.3.1 Information Disclosure Vulnerability (CVE-2022-2376) Plug-in.
9. Add WordPress Country Selector before 1.6.6 XSS Vulnerability (CVE-2022-28290) Plug-in.
10. Add Weaver Ecology OA SQL Injection Vulnerability Plug-in.
11. Add xmlrpc Interface Java Deserialization Command Execution Vulnerability Detected in Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3002 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3002 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3003 .

The upgrade package includes the following updates:
1. Add REALOR GWT System SQL Injection Vulnerability Plug-in.
2. Add REALOR GWT System Remote Code Execution Vulnerability Plug-in.
3. Add Pie Register before 3.8.2.3 Open Redirection Vulnerability (CVS 2023-0552) Plug-in.
4. Add Squidex before 7.4.0 XSS Vulnerability (CVS 2023-24278) Plug-in.
5. Add mojoPortal 2.7.0.0 XSS Vulnerability (CVS 2023-24322) Plug-in.
6. Add Microweber Sensitive Information Disclosure Vulnerability (CVE-2022-0281) Plug-in.
7. Add XSS Vulnerability in LearnPress before 4.1.6 (CVE-2022-0271) Plug-in.
8. Add XSS Vulnerability in Microweber (CVE-2022-0378) Plug-in.
9. Add GitLab CE/EE Runner Registration Token Disclosure (CVE-2022-0735) Plug-in.
10. Add uDraw before 3.3.3 Local File Inclusion Vulnerability (CVE-2022-0656) Plug-in.
11. Add Microweber before 1.2.15 XSS Vulnerability (CVE-2022-1439) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3001 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3001 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3002 .

The upgrade package includes the following updates:
1. Add Oracle WebLogic Server Remote Code Execution Vulnerability (CVE-2023-21931) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.3000 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.3000 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3001 .

The upgrade package includes the following updates:
1. Add phpIPAM IP Address Management v1.6 XSS Vulnerability (CVE-2023-24657) Plug-in.
2. Add PMB v7.4.6 Reflective XSS (CVE-2023-24733) Plug-in.
3. Add PMB v7.4.6 Open Redirect Vulnerability (CVE-2023-24735) Plug-in.
4. Add PMB v7.4.6 XSS Vulnerability (CVE-2023-24737) Plug-in.
5. Add T24 Web Server Local File Inclusion Vulnerability (CVE-2019-14251) Plug-in.
6. Add Temenos T24 R20 XSS Vulnerability (CVE-2023-24367) Plug-in.
7. Add WordPress Tutor LMS before 2.0.10 XSS Vulnerability (CVE-2023-0236) Plug-in.
8. Add WordPress WP TripAdvisor Review Slider before 10.8 SQL Injection Vulnerability (CVE-2023-0261) Plug-in.
9. Add WordPress Easy Digital Downloads 3.1.0.2/3.1.0.3 SQL Injection Vulnerability (CVE-2023-23489) Plug-in.
10. Add PMB Services Directory Traversal Vulnerability Plug-in.
11. Add WordPress Paid Memberships Pro before 2.9. 8 SQL Injection Vulnerability (CVE-2023-23488) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.29* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.3000 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.2901.dat to rsas-vulweb-V6.0R02F00.2906.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2905 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2905 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2906 .

The upgrade package includes the following updates:
1. Add WordPress Information Disclosure Vulnerability (CVE-2017-5487) Plug-in.
2. Add Ueditor server request forgery (SSRF) vulnerability Plug-in.
3. Add Odoo has an unauthorized access vulnerability Plug-in.
4. Add Odoo path traversal vulnerability (CVE-2019-14322) Plug-in.
5. Add E-cology9 browser.jspSQL Injects vulnerability Plug-in.
6. Add Qioa msglog.aspx SQL Injection vulnerability Plug-in.
7. Add ODOO path traverse vulnerability (CVE-2017-9416) Plug-in.
8. Add MinIO Unauthorized Information Disclosure (CVE-2023-28432) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2904 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2904 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2905 .

The upgrade package includes the following updates:
1. Add ShowDoc Default Password Vulnerability Plug-in.
2. Add ShowDoc Arbitrary File Upload Vulnerability (CNVD-2020-26585) Plug-in.
3. Add Weak Password in ShowDoc Plug-in.
4. Add Fortinet FortiNAC Remote Code Execution Vulnerability (CVE-2022-39952) Plug-in.
5. Add Control Web Panel Login Remote Command Execution Vulnerability (CVE-2022-44877) Plug-in.
6. Add Joomla Unauthorized Access Vulnerability (CVE-2023-23752) Plug-in.
7. Add Apache Kafka Connect Remote Code Execution Vulnerability (CVE-2023-25194) Plug-in.
8. Add Plesk Obsidian Host Header Injection Vulnerability (CVE-2023-24044) Plug-in.
9. Add Shiziyu CMS ApiController.class.php SQL Injection Vulnerability Plug-in.
10. Add Shiziyu CMS ApigoodController.class.php SQL Injection Vulnerability Plug-in.
11. Add Default Password Used in Shiziyu CMS Plug-in.
12. Add Weak Password Used in Shiziyu CMS Plug-in.
13. Add Shiziyu CMS image_upload.php Arbitrary File Upload Vulnerability Plug-in.
14. Add Shiziyu CMS wxapp.php Arbitrary File Upload Vulnerability Plug-in.
15. Add IBM Aspera Faspex Unauthorized RCE (CVE-2022-47986) Plug-in.
16. Add GeoServer Jiffle Remote Code Execution Vulnerability (CVE-2022-24816) Plug-in.
17. Add FortiWeb Remote Code Execution Vulnerability (CVE-2021-42756) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2903 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2903 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2904 .

The upgrade package includes the following updates:
1. Add RabbitMQ Default Password Vulnerability Plug-in.
2. Add Detection of Weak Passwords in RabbitMQ Plug-in.
3. Add SolarWinds Remote Code Execution Vulnerability (CVE-2020-10148) Plug-in.
4. Add Atlassian JIRA Information Disclosure Vulnerability (CVE-2019-3401) Plug-in.
5. Add SQL Injection Vulnerability Detected in rConfig v3.9.4 (CVE-2020-10546) Plug-in.
6. Add SQL Injection Vulnerability Detected in rConfig v3.9.4 (CVE-2020-10547) Plug-in.
7. Add SQL Injection Vulnerability Detected in rConfig v3.9.4 (CVE-2020-10548) Plug-in.
8. Add Oracle E-Business Suite File Read Vulnerability Plug-in.
9. Add Oracle E-Business Suite Sensitive Information Disclosure Vulnerability (CVE-2022-21500) Plug-in.
10. Add Oracle E-Business Suite Sensitive Information Disclosure Vulnerability Plug-in.
11. Add Golang pprof Information Disclosure Vulnerability Plug-in.
12. Add Apache Log4j Server Deserialization Command Execution Vulnerability (CVE-2017-5645) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2902 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2902 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2903 .

The upgrade package includes the following updates:
1. Add Atlassian Jira Authentication Bypass Vulnerability (CVE-2022-0540) Plug-in.
2. Add Cerebro Request SSRF Vulnerability Plug-in.
3. Add Atlassian Questions For Confluence Authentication Bypass Vulnerability (CVE-2022-26138) Plug-in.
4. Add Gitblit Path Traversal Vulnerability (CVE-2022-31268) Plug-in.
5. Add phpMyAdmin Arbitrary File Read Vulnerability (CVE-2019-6799) Plug-in.
6. Add 3COM NJ20003com Default Password Vulnerability Plug-in.
7. Add docker-kong Security Vulnerability (CVE-2020-11710) Plug-in.
8. Add Oracle WebLogic Server Remote Code Execution Vulnerability (CVE-2023-21839) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2901 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2901 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2902 .

The upgrade package includes the following updates:
1. Add ZenTao Project Management System Permission Bypass and Command Execution Vulnerabilities Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2900 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2900 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2901 .

The upgrade package includes the following updates:
1. Add Multiple NETGEAR Routers Administrator Password Information Disclosure Vulnerability (CVE-2017-5521) Plug-in.
2. Add HJSOFT e-HR Human Resource Management System File Upload Vulnerability Plug-in.
3. Add D-Link DIR816L Unauthorized Access Vulnerability (CVE-2022-28955) Plug-in.
4. Add Laravel FileManager Path Traversal Vulnerability (CVE-2022-40734) Plug-in.
5. Add Weaver OA E-Weaver SignatureDownLoad Arbitrary File Read Vulnerability Plug-in.
6. Add Omnia MPX Sensitive Information Disclosure Vulnerability (CVE-2022-36642) Plug-in.
7. Add Whir ezoffice TeleConferenceService XXE Injection Vulnerability Plug-in.
8. Add Whir OA DocumentEdit.jsp SQL Injection Vulnerability Plug-in.
9. Add Whir ezoffice download_ftp Arbitrary File Download Vulnerability Plug-in.
10. Add Zimbra MailboxImportServlet Authentication Bypass Vulnerability (CVE-2022-37042) Plug-in.
11. Add Dbappsecurity Web Application Firewall (WAF) Arbitrary User Login Plug-in.
12. Add Weaver OA Unauthorized Arbitrary User Login Vulnerability Plug-in.
13. Add VMware Workspace ONE Access Authentication Vulnerability (CVE-2022-31656) Plug-in.
14. Add Weaver E-Mobile messageType.do SQL Injection Vulnerability Plug-in.
15. Add Chinaiwb Firewall login.php SQL Injection Vulnerability Plug-in.
16. Add Chinaiwb Firewall setdomain.php Out-of-Bounds Access Vulnerability Plug-in.
17. Add Weaver E-mobile client.do Remote Code Execution Vulnerability Plug-in.
18. Add Zyxel Firewall Remote Command Injection Vulnerability (CVE-2022-30525) Plug-in.
19. Add Kkfileview Document Online Preview System Arbitrary File Read Vulnerability Plug-in.
20. Add Kkfileview Document Online Preview System SSRF Vulnerability Plug-in.
21. Add VMware Workspace ONE Access Template Injection Vulnerability (CVE-2022-22954) Plug-in.
22. Add BSPHP Network Authentication System Unauthorized Access Vulnerability Plug-in.
23. Add Hysine Webtalk System Ping.php Command Execution Vulnerability Plug-in.
24. Add Shenzhen Launch Video Surveillance System Unauthorized Access Vulnerability Plug-in.
25. Add AnyMacro Email System File Inclusion Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.28* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2900 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.2801.dat to rsas-vulweb-V6.0R02F00.2806.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2805 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2805 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2806 .

The upgrade package includes the following updates:
1. Add Thinkphp Multilingual Remote Code Execution Vulnerability Plug-in.
2. Add Windor Wisdom Anxiaoyi Integrative Management Platform FileDownLoad.aspx Arbitrary File Read Vulnerability Plug-in.
3. Add Pentaho Business Analytics Authentication Vulnerability (CVE-2021-31602) Plug-in.
4. Add Axis2 System HappyAxis.jsp Sensitive Information Disclosure Vulnerability Plug-in.
5. Add Axis2 Service File Read Vulnerability Plug-in.
6. Add Facemeeting Cloud Video Conferencing System Struts2 Remote Command Execution Vulnerability Plug-in.
7. Add Login Bypass Vulnerability Detected in Kemai RAS Server Plug-in.
8. Add Casdoor SQL Injection Vulnerability (CVE-2022-24124) Plug-in.
9. Add Casdoor Sensitive Information Disclosure Vulnerability Plug-in.
10. Add GLPI ihtmLawedTest.php Remote Command Execution Vulnerability (CVE-2022-35914) Plug-in.
11. Add GLPI Information Disclosure Vulnerability (CVE-2021-39211) Plug-in.
12. Add GLPI Path Traversal Vulnerability (CVE-2021-43778) Plug-in.
13. Add Weaver OA E-Office UserSelect Unauthorized Access Vulnerability Plug-in.
14. Add Weaver OA E-Office Arbitrary File Read Vulnerability Plug-in.
15. Add Cacti Command Injection Vulnerability (CVE-2022-46169) Plug-in.
16. Add Default Passwords Detected in Cacti Plug-in.
17. Add Weak Passwords Detected in Cacti Plug-in.
18. Add WAPPLES Web Application Firewall Hardcoded Credentials Vulnerability (CVE-2022-35413) Plug-in.
19. Add nps Security Bypass Vulnerability Plug-in.
20. Add pgadmin validate_binary_path Remote Command Execution Vulnerability (CVE-2022-4223) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2804 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2804 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2805 .

The upgrade package includes the following updates:
1. Add Next.js Path Traversal Vulnerability (CVE-2020-5284) Plug-in.
2. Add YApi Remote Command Execution Vulnerability Plug-in.
3. Add NoSQL Injection Vulnerability Detected in Yapi Plug-in.
4. Add MotionEye Information Disclosure Vulnerability (CVE-2022-25568) Plug-in.
5. Add Default Passwords Detected in rConfig Plug-in.
6. Add Weak Passwords Detected in rConfig Plug-in.
7. Add SQL injection vulnerability Detected in rConfig v3.9.4 (CVE-2020-10220) Plug-in.
8. Add Roxy-WI System Command Injection Vulnerability (CVE-2022-31137) Plug-in.
9. Add Fortinet Authentication Bypass Vulnerability (CVE-2022-40684) Plug-in.
10. Add rConfig v3.9.2 Unauthorized Remote Code Execution Vulnerability (CVE-2019-16662) Plug-in.
11. Add rConfig v3.9.2 Backend Remote Code Execution Vulnerability (CVE-2019-16663) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2803 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2803 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2804 .

The upgrade package includes the following updates:
1. Add Directory Traversal Vulnerability Detected in the Target Server Plug-in.
2. Add Spring Boot Actuator Logview Path Traversal Vulnerability (CVE-2021-21234) Plug-in.
3. Add MkDocs Path Traversal Vulnerability (CVE-2021-40978) Plug-in.
4. Add Teledyne FLIR AX8 Path Traversal Vulnerability (CVE-2022-37060) Plug-in.
5. Add Liftoff GateOne Path Traversal Vulnerability (CVE-2020-35736) Plug-in.
6. Add Dahua DSS Arbitrary File Download Vulnerability (CNVD-2020-61986) Plug-in.
7. Add Blue Sea Zhuo Yue Billing Management System Arbitrary File Download Vulnerability (CNVD-2021-21602) Plug-in.
8. Add JeeWMS Unauthorized Arbitrary File Read Vulnerability (CNVD-2020-61972) Plug-in.
9. Add Next.js Path Traversal Vulnerability (CVE-2017-16877) Plug-in.
10. Add Pulse Secure Path Traversal Vulnerability (CVE-2019-11510) Plug-in.
11. Add Huawei HG659 Arbitrary File Read Vulnerability (CNVD-2021-45398) Plug-in.
12. Add GoCD Arbitrary File Read Vulnerability (CVE-2021-43287) Plug-in.
13. Add HexMeet fileDownload Arbitrary File Read Vulnerability Plug-in.
14. Add Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2022-41082) Plug-in.
15. Add ACTi Web Configurator Arbitrary File Read Vulnerability (CNVD-2021-37981) Plug-in.
16. Add Microsoft Exchange Server Server-Side Request Forgery Vulnerability (CVE-2022-41040) Plug-in.
17. Add Alibaba AnyProxy Arbitrary File Read Vulnerability Plug-in.
18. Add KEDACOM MTS Transcoding Server Arbitrary File Read Vulnerability (CNVD-2020-48650) Plug-in.
19. Add WiseGiga NAS Arbitrary File Read Vulnerability (CNVD-2020-51406) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2802 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2802 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2803 .

The upgrade package includes the following updates:
1. Add GeoServer SSRF Vulnerability (CVE-2021-40822) Plug-in.
2. Add ZOHO ManageEngine Desktop Central Information Disclosure Vulnerability (CVE-2022-23779) Plug-in.
3. Add Jupyter Notebook Unauthorized Access Vulnerability Plug-in.
4. Add SeaCMS Backend Directory Traversal Vulnerability Plug-in.
5. Add SeaCMS Backend Command Execution Vulnerability (CNVD-2020-22721) Plug-in.
6. Add SeaCMS Through 9.92 Arbitrary Code Execution Vulnerability Plug-in.
7. Add SeaCMS V8.7 SQL Injection Vulnerability Plug-in.
8. Add SeaCMS V6.45 Arbitrary Code Execution Vulnerability Plug-in.
9. Add SeaCMS V6.54 Arbitrary Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2801 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2801 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2802 .

The upgrade package includes the following updates:
1. Add Apache Airflow Privilege Bypass Vulnerability Plug-in.
2. Add Oracle Access Manager Remote Code Execution Vulnerability Plug-in.
3. Add Web Application Firewall Detected in the Target Website Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2800 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2800 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2801 .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.27* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2800 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.2701.dat to rsas-vulweb-V6.0R02F00.2711.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2710 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2710 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2711 .

The upgrade package includes the following updates:
1. Add Zimbra Collaboration Remote Code Execution Vulnerability(CVE-2022-27925) Plug-in.
2. Add Elasticsearch Kibana Component Unauthorized Access Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2709 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2709 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2710 .

The upgrade package includes the following updates:
1. Add Apache Spark Shell Command Injection Vulnerability (CVE-2022-33891) Plug-in.
2. Add Apache Tapestry Arbitrary File Read Vulnerability (CVE-2019-0195) Plug-in.
3. Add Apache Tapestry Arbitrary File Read Vulnerability (CVE-2021-27850) Plug-in.
4. Add Fastjson Remote Code Execution Vulnerability Detected in Seeyon OA Plug-in.
5. Add Weak Passwords Detected in Webmin Plug-in.
6. Add Webmin Command Injection Vulnerability (CVE-2022-36446) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2708 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2708 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2709 .

The upgrade package includes the following updates:
1. Add Yonyou Chanjet Tplus Arbitrary File Upload Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2707 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2707 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2708 .

The upgrade package includes the following updates:
1. Add Yonyou NC Arbitrary File Upload Vulnerability Plug-in.
2. Add Weaver E-cology Arbitrary File Upload Vulnerability Plug-in.
3. Add Tosec OSMS SQL injection vulnerability Plug-in.
4. Add Maipu ISG1000 Security Gateway Arbitrary File Download Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2706 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2706 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2707 .

The upgrade package includes the following updates:
1. Add Rockoa Arbitrary File Upload Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2705 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2705 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2706 .

The upgrade package includes the following updates:
1. Add Wanhu OA Arbitrary File Upload Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2704 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2704 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2705 .

The upgrade package includes the following updates:
1. Add ZenTao Project Management Software SQL Injection Vulnerability (CNVD-2022-42853) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2703 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2703 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2704 .

The upgrade package includes the following updates:
1. Add Tongda OA Default Weak Password Vulnerability Plug-in.
2. Add Tongda OA Unauthenticated User Enumeration Plug-in.
3. Add Tongda OA File Upload Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2702 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2702 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2703 .

The upgrade package includes the following updates:
1. Add 74cms ajaxPersonal SQL Injection Vulnerability Plug-in.
2. Add Apache SkyWalking SQL Injection Vulnerability (CVE-2020-9483) Plug-in.
3. Add Apache SkyWalking 8.3.0 SQL Injection Vulnerability Plug-in.
4. Add Apache SkyWalking SQL Injection Vulnerability (CVE-2020-13921) Plug-in.
5. Add Zabbix Management Platform Unauthorized Access Vulnerability (CNVD-2020-44110) Plug-in.
6. Add Landray OA Arbitrary File Read Vulnerability Plug-in.
7. Add Weaver E-office SQL Injection Vulnerability (CNVD-2022-43246) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2701 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2701 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2702 .

The upgrade package includes the following updates:
1. Add Landray OA Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2700 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2700 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2701 .

The upgrade package includes the following updates:
1. Add Spring Data MongoDB SpEL Expression Injection Vulnerability (CVE-2022-22980) Plug-in.
2. Add QuarkMail Remote Code Execution Vulnerability Plug-in.
3. Add D-Link DCS Information Disclosure Vulnerability (CVE-2020-25078) Plug-in.
4. Add Zyxel NBG2105 Authentication Bypass Vulnerability (CVE-2021-3297) Plug-in.
5. Add Wayos AC Centralized Management System Default Weak Password Vulnerability (CNVD-2021-0087) Plug-in.
6. Add Kingsoft Terminal Security System upload.php File Upload Vulnerability Plug-in.
7. Add WordPress SuperForms Plugin File Upload Vulnerability Plug-in.
8. Add VMware vRealize Operations Manager SSRF Vulnerability (CVE-2021-21975) Plug-in.
9. Add Apache Solr Arbitrary File Read Vulnerability Plug-in.
10. Add Weaver E-Office Backend Arbitrary File Upload Vulnerability Plug-in.
11. Update Apache Shiro RememberMe Parameter Key Enumeration Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.26* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2700 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.2601.dat to rsas-vulweb-V6.0R02F00.2606.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2605 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2605 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2606 .

The upgrade package includes the following updates:
1. Add Bonitasoft Privilege Escalate Vulnerability (CVE-2022-25237) Plug-in.
2. Add Weak Passwords Detected in Bonitasoft Plug-in.
3. Add Default Passwords Detected in Bonitasoft Plug-in.
4. Add Wordpress BuddyPress REST API Privilege Escalate Vulnerability（CVE-2021-21389） Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2604 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2604 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2605 .

The upgrade package includes the following updates:
1. Add Spring Security OAuth2 Remote Code Execution Vulnerability (CVE-2016-4977) Plug-in.
2. Add Apache Solr XML Entity Injection Vulnerability (CVE-2017-12629) Plug-in.
3. Add Apache Solr Server-Side Request Forgery Vulnerability (CVE-2021-27905) Plug-in.
4. Add WSO2 API Manager Remote Command Execution Vulnerability (CVE-2022-29464) Plug-in.
5. Add Weak Passwords Detected in WSO2 API Manager Plug-in.
6. Add Default Passwords Detected in WSO2 API Manager Plug-in.
7. Add Drawio Server-Side Request Forgery Vulnerability (CVE-2022-1713) Plug-in.
8. Add Confluence Server and Data Center RCE（CVE-2022-26134） Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2603 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2603 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2604 .

The upgrade package includes the following updates:
1. Add F5 BIG-IP iControl REST Unauthenticated Remote Command Execution Vulnerability (CVE-2022-1388) Plug-in.
2. Add Log4j2 Remote Code Execution Vulnerability Detected in Seeyon OA Plug-in.
3. Add JEECMS V6-V7 Arbitrary File Upload Vulnerability Plug-in.
4. Add JEECMS V6 Arbitrary File Upload Vulnerability Plug-in.
5. Add JEECMS V7 Arbitrary File Download Vulnerability Plug-in.
6. Add JEECMS V7 Arbitrary User Unauthorized Access Vulnerability Plug-in.
7. Add JEECMS V8.1 Background Arbitrary File Write Vulnerability Plug-in.
8. Add Default Passwords Detected in JEECMS Plug-in.
9. Update Apache Log4j2 Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2602 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2602 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2603 .

The upgrade package includes the following updates:
1. Add YouPHPTube-Encoder 2.3 Remote Code Execution Vulnerability (CVE-2019-5127) Plug-in.
2. Add YouPHPTube-Encoder 2.3 Remote Code Execution Vulnerability (CVE-2019-5128) Plug-in.
3. Add YouPHPTube-Encoder 2.3 Remote Code Execution Vulnerability (CVE-2019-5129) Plug-in.
4. Add Nexus Repository Manager 3 Remote Command Execution Vulnerability (CVE-2019-7238) Plug-in.
5. Add Nexus Repository Manager 3 Remote Command Execution Vulnerability (CVE-2020-10199) Plug-in.
6. Add Nexus 2 Yum Plugin Remote Command Execution Vulnerability (CVE-2019-5475) Plug-in.
7. Add Nexus 2 Yum Plugin Remote Command Execution Vulnerability (CVE-2019-15588) Plug-in.
8. Add Default Passwords Detected in Nexus Repository Manager Plug-in.
9. Add Weak Passwords Detected in Nexus Repository Manager Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2601 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2601 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2602 .

The upgrade package includes the following updates:
1. Add MingSoft MCMS SQL Injection Vulnerability (CVE-2022-23898) Plug-in.
2. Add MingSoft MCMS SQL Injection Vulnerability (CVE-2022-23899) Plug-in.
3. Add MingSoft MCMS SQL Injection Vulnerability (CVE-2022-25125) Plug-in.
4. Add Pivotal Software Spring Cloud Config Path Directory Vulnerability (CVE-2020-5405) Plug-in.
5. Add VMware Software Spring Cloud Config Path Directory Vulnerability (CVE-2020-5410) Plug-in.
6. Add Pivotal Software Spring Cloud Config Path Directory Vulnerability (CVE-2019-3799) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2600 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2600 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2601 .

The upgrade package includes the following updates:
1. Add Apache APISIX Remote Code Execution Vulnerability (CVE-2022-24112) Plug-in.
2. Add Detection of Weak Passwords on Apache APISIX Plug-in.
3. Add Detection of Default Keys on Apache APISIX Plug-in.
4. Add Apache Struts RCE S2-062（CVE-2021-31805） Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.25* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2600 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.2501.dat to rsas-vulweb-V6.0R02F00.2508.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2507 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2507 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2508 .

The upgrade package includes the following updates:
1. Add Apache httpd mod_proxy SSRF Vulnerability (CVE-2021-40438) Plug-in.
2. Add Target Site Detected to Use Swagger API Documents Plug-in.
3. Add Spring Cloud Function SpEL Expression Injection Vulnerability Plug-in.
4. Update MeterSphere Unauthorized File Upload Vulnerability (CVE-2021-45790) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2506 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2506 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2507 .

The upgrade package includes the following updates:
1. Add Spring Framework Remote Code Execution Vulnerability Harmless Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2505 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2505 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2506 .

The upgrade package includes the following updates:
1. Add Spring Framework RCE Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2504 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2504 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2505 .

The upgrade package includes the following updates:
1. Add phpMyAdmin Before 5.1.2 XSS Vulnerability (CVE-2022-23808) Plug-in.
2. Add Jetty WEB-INF File Read Vulnerability (CVE-2021-34429) Plug-in.
3. Add DedeCMS SSTI Template Injection Plug-in.
4. Add Atlassian Jira Server Unauthorized SSRF Vulnerability (CVE-2019-8451) Plug-in.
5. Add GitLab Unauthorized SSRF Vulnerability (CVE-2021-22214) Plug-in.
6. Add WordPress UpdraftPlus Plugin Arbitrary Backfile Download Vulnerability (CVE-2022-0633) Plug-in.
7. Update ThinkPHP 5.x request.php Variable Overwrite Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2503 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2503 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2504 .

The upgrade package includes the following updates:
1. Add Zabbix SAML Authentication Bypass Vulnerability (CVE-2022-23131) Plug-in.
2. Add Detection of Weak Passwords on Zabbix Plug-in.
3. Add Zimbra XML External Entity Vulnerability (CVE-2019-9670) Plug-in.
4. Add Spring Cloud Gateway Actuator API SpEL Remote Code Execution Vulnerability(CVE-2022-22947) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2502 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2502 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2503 .

The upgrade package includes the following updates:
1. Add Gitblit Code Repositories with Anonymous Access Plug-in.
2. Add Gitblit Weak Password Plug-in.
3. Add Apache ShenYu Unauthorized Access Vulnerability (CVE-2022-23944) Plug-in.
4. Add phpMyAdmin 4.8.1 Remote File Containment Vulnerability (CVE-2018-12613) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2501 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2501 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2502 .

The upgrade package includes the following updates:
1. Update Apache Log4j2 Remote Code Execution Vulnerability Plug-in.
2. Update Grafana Unauthenticated Arbitrary File Read Vulnerability (CVE-2021-43798) Plug-in.
3. Update Detection of Source Code Disclosure in the Target Website Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2500 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2500 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2501 .

The upgrade package includes the following updates:
1. Add MeterSphere Remote Command Execution Vulnerability Plug-in.
2. Add MeterSphere Unauthorized File Upload Vulnerability (CVE-2021-45790) Plug-in.
3. Add MeterSphere File Read Vulnerability (CVE-2021-45789) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.24* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2500 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.2401.dat to rsas-vulweb-V6.0R02F00.2411.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2410 . This upgrade package is an incremental upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2411 .

This package includes the following updates:
1. Add Atlassian Jira Server File Read Vulnerability (CVE-2020-29453).
2. Add Atlassian Jira Server File Read Vulnerability (CVE-2019-8442).
3. Add Atlassian Jira Server Unauthenticated User Enumeration (CVE-2019-8449).
4. Add Atlassian Jira Server Unauthenticated User Enumeration (CVE-2020-14181).
5. Add Grafana Unauthenticated Arbitrary File Read Vulnerability (CVE-2021-43798).
6. Add Apache APISIX Dashboard Unauthorized Access Vulnerability (CVE-2021-45232).

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2409 . This upgrade package is an incremental upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2410 .

This package includes the following updates:
1. Add Atlassian Jira Server File Read Vulnerability (CVE-2021-26086).
2. Add Atlassian Jira Server Unauthenticated User Enumeration (CVE-2020-36289).
3. Add Detection of Apache Log4j2 Remote Code Execution Vulnerability in Apache Druid .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2408 . This upgrade package is an incremental upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2409 .

This package includes the following updates:
1. Update Apache Log4j2 Remote Code Execution Vulnerability(CVE-2021-44228).

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2407 . This upgrade package is an incremental upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2408 .

This package includes the following updates:
1. Update Apache Log4j2 RCE.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2406 . This upgrade package is an incremental upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2407 .

This package includes the following updates:
1. Update Apache Log4j2 RCE.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2405 . This upgrade package is an incremental upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2406 .

This package includes the following updates:
1. Add Apache Log4j2 RCE.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2404 . This upgrade package is an incremental upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2405 .

This package includes the following updates:
1. Add Apache ShenYu Admin Authentication Bypass Vulnerability (CVE-2021-37580).
2. Add Metabase Sensitive Information Disclosure Vulnerability (CVE-2021-41277).
3. Add Apache Druid LoadData Arbitrary File Read Vulnerability (CVE-2021-36749).
4. Add Weaver E-office File Upload Vulnerability (CNVD-2021-49104).
5. Add Hikvision Product Command Injection Vulnerability (CVE-2021-36260).

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2403 . This upgrade package is an incremental upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2404 .

This package includes the following updates:
1. Add Kingdee EAS build.jsp Directory Traversal Vulnerability.
2. Add Kingdee EAS Backend Arbitrary File Read Vulnerability.
3. Add Kingdee EAS logoImgServlet Page Directory Traversal Vulnerability.
4. Add Nacos Unauthorized Access Vulnerability (CVE-2021-29441).
5. Add SonarQube API Unauthorized Access Vulnerability (CVE-2020-27986).
6. Add Atlassian Confluence Server File Read Vulnerability (CVE-2021-26085).

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2402 . This upgrade package is an incremental upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2403 .

This package includes the following updates:
1. Add Kingdee EAS Log Information Disclosure Vulnerability.
2. Add Kingdee EAS Apusic Monitoring Information Disclosure Vulnerability.
3. Add GitLab Remote Command Execution Vulnerability (CVE-2021-22205).

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2401 . This upgrade package is an incremental upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2402 .

This package includes the following updates:
1. Optimize crawler.
2. Add Apache HTTP Server Directory Traversal and Remote Command Execution Vulnerability (CVE-2021-41773).
3. Add Apache HTTP Server Directory Traversal and Remote Command Execution Vulnerability (CVE-2021-42013).
4. Add Nexus Repository UserComponent Remote Code Execution Vulnerability(CVE-2018-16621).
5. Add Nexus Repository UserComponent Remote Code Execution Vulnerability(CVE-2020-10204).
6. Add Atlassian JIRA Ehcache RMI Remote Code Execution Vulnerability (CVE-2020-36239).

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2400 . This upgrade package is an incremental upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2401 .

This package includes the following updates:
1. Add ECShop Backend delete_cart_goods.php SQL Injection Vulnerability (CNVD-2020-58823).
2. Add ECShop Backend mobile_setting.php SQL Injection Vulnerability.
3. Add ECShop 2.x/3.x user.php SQL Injection Vulnerability.
4. Add Kingdee EAS Information Disclosure Vulnerability.
5. Add Kingdee EAS Directory Traversal Vulnerability (CNVD-2021-09699).
6. Update Detection of Storage XSS Vulnerability on Target URL.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.23* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2400 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.2301.dat to rsas-vulweb-V6.0R02F00.2307.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2306 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2306 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2307 .

The upgrade package includes the following updates:
1. Add phpunit Remote Code Execution Vulnerability (CVE-2017-9841) Plug-in.
2. Add UEditor File Upload Vulnerability Plug-in.
3. Add ECShop Backend shopinfo.php SQL Injection Vulnerability (CNVD-2016-12221) Plug-in.
4. Add ECShop Backend order.php SQL Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2305 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2305 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2306 .

The upgrade package includes the following updates:
1. Add Atlassian Confluence Remote Code Execution Vulnerability (CVE-2021-26084) Plug-in.
2. Update Plug-in time consuming optimization.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2304 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2304 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2305 .

The upgrade package includes the following updates:
1. Add Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2021-34473) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2303 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2303 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2304 .

The upgrade package includes the following updates:
1. Add WordPress wpDiscuz Plugin Arbitrary File Upload Vulnerability (CVE-2020-24186) Plug-in.
2. Add WordPress wpDiscuz Plugin SQL Injection Vulnerability (CVE-2020-13640) Plug-in.
3. Add WordPress Super Progressive Web Apps Before 2.1.11 Arbitrary File Vulnerability Plug-in.
4. Add WordPress Super Progressive Web Apps Before 2.1.12 Arbitrary File Vulnerability Plug-in.
5. Update Detection of Relative Path Overwrite Vulnerability in Target URL Plug-in.
6. Update Arbitrary File Access Vulnerability Detected on Target Host Plug-in.
7. Update Ruijie Networks RSR Router Web Management Weak Password Plug-in.
8. Update Weaver E-cology OA System SQL Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2302 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2302 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2303 .

The upgrade package includes the following updates:
1. Add Hashicorp Consul Web UI and API Unauthorized Access Plug-in.
2. Add Hashicorp Consul Services API Remote Command Execution Plug-in.
3. Add Hashicorp Consul Remote Command Execution Plug-in.
4. Add Ruijie Networks RSR Router Web Management Weak Password Plug-in.
5. Add Zabbix latest.php SQL Injection Vulnerability Plug-in.
6. Add H2 Database Console Unauthorized Access Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2301 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2301 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2302 .

The upgrade package includes the following updates:
1. Add Frontier Document Security System Remote Code Execution Vulnerability Plug-in.
2. Add ECShop Backend comment_manage.php SQL Injection Vulnerability Plug-in.
3. Add ECShop Backend shophelp.php SQL Injection Vulnerability Plug-in.
4. Add ECShop Backend affiliate_ck.php SQL Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2300 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2300 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2301 .

The upgrade package includes the following updates:
1. Add 74CMS Template Injection getshell Vulnerability Plug-in.
2. Add Apache Kylin Unauthorized Configuration Information Disclosure Vulnerability (CVE-2020-13937) Plug-in.
3. Add Node-RED ui_base Arbitrary File Read Vulnerability (CVE-2021-3223) Plug-in.
4. Add Fuma Cloud SQL Injection Vulnerability Plug-in.
5. Update Apache Struts S2-009 'ParameterInterceptor' Security Bypass Vulnerability (CVE-2011-3923) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.22* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2300 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.2201.dat to rsas-vulweb-V6.0R02F00.2204.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2203 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2203 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2204 .

The upgrade package includes the following updates:
1. Add Jetty Information Disclosure Vulnerability (CVE-2021-28164) Plug-in.
2. Add Jetty Servlets Common Component ConcatServlet Information Disclosure Vulnerability (CVE-2021-28169) Plug-in.
3. Add Yonyou NC BeanShell Remote Code Execution Vulnerability (CNVD-2021-30167) Plug-in.
4. Add Sangfor Behavior Awareness System Remote Command Execution Vulnerability Plug-in.
5. Add Sangfor Log Center Platform DC Remote Command Execution Vulnerability Plug-in.
6. Add Anysec Next-Generation Firewall Control System Account Password Leakage Vulnerability Plug-in.
7. Add Anysec Next-Generation Firewall Control System download.php Arbitrary File Read Vulnerability Plug-in.
8. Add Ruijie UAC 6000-ISG Video Surveillance Security Gateway System Account Password Leakage Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2202 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2202 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2203 .

The upgrade package includes the following updates:
1. Add H3C Intelligent Management Center Default Password Vulnerability Plug-in.
2. Add H3C Intelligent Management Center dynamiccontent.properties.xhtm Remote Command Execution Vulnerability Plug-in.
3. Add Weaver e-cology OA System WorkflowServiceXml Remote Code Execution Vulnerability Plug-in.
4. Add Qilai OA messageurl.aspx SQL Injection Vulnerability Plug-in.
5. Add Qilai OA treelist.aspx SQL Injection Vulnerability Plug-in.
6. Add Qilai OA CloseMsg.aspx SQL Injection Vulnerability Plug-in.
7. Add Qilai OA GetUser.aspx SQL Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2201 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2201 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2202 .

The upgrade package includes the following updates:
1. Add Landray OA custom.jsp Arbitrary File Read Vulnerability Plug-in.
2. Add Ruijie EG Web Management System Administrator Password Information Disclosure Vulnerability Plug-in.
3. Add Ruijie EG Web Management System download.php Arbitrary File Read Vulnerability Plug-in.
4. Add Ruijie EG Web Management System cli.php Remote Command Execution Vulnerability Plug-in.
5. Add Alibaba Canal Default Password Vulnerability Plug-in.
6. Add Alibaba Canal config Cloud Key Information Disclosure Vulnerability Plug-in.
7. Add Citrix XenMobile help-sb-download.jsp Arbitrary File Read Vulnerability (CVE-2020-8209) Plug-in.
8. Add H3C SecParh Operation and Maintenance Audit System Arbitrary User Login Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2200 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2200. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2201 .

The upgrade package includes the following updates:
1. Add Kingsoft V8+ Terminal Security System downfile.php Arbitrary File Reading Vulnerability Plug-in .
2. Add ThinkAdmin v6 Directory Information Disclosure Vulnerability Plug-in .
3. Add Seeyon A6-M Collaborative Management Software initDataAssess.jsp User Sensitive Information Disclosure Vulnerability Plug-in .
4. Add Seeyon A6-M Collaborative Management Software DownExcelBeanServlet User Sensitive Information Disclosure Vulnerability Plug-in .
5. Add Yonyou U8 OA test.jsp SQL Injection Vulnerability Plug-in .
6. Add Yonyou GRP-U8 XXE Vulnerability Plug-in .
7. Add Ruijie Cloud Class Directory List Information Disclosure Vulnerability Plug-in .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.21* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2200 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.2101.dat to rsas-vulweb-V6.0R02F00.2117.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2116 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2116 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2117 .

The upgrade package includes the following updates:
1. Add Apache OFBiz Deserialization Command Execution Vulnerability (CVE-2020-9496) Plug-in.
2. Add Apache OFBiz XXE Vulnerability (CVE-2018-8033) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2115 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2115 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2116 .

The upgrade package includes the following updates:
1. Add Kingsoft V8+ Terminal Security System pdf_maker.php Remote Command Execution Vulnerability Plug-in.
2. Add RuoYi Management System Ali Druid Unauthorized Access Vulnerability Plug-in.
3. Add RuoYi Management System Arbitrary File Download Vulnerability Plug-in.
4. Add Lanproxy Directory Traversal Vulnerability (CVE-2021-3019) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2114 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2114 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2115 .

The upgrade package includes the following updates:
1. Add MessageSolution Information Disclosure Vulnerability (CNVD-2021-10543) Plug-in.
2. Add Tpshop Directory Traversal Vulnerability Plug-in.
3. Add ThinkAdmin v6 Arbitrary File Read Vulnerability (CVE-2020-25540) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2113 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2113 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2114 .

The upgrade package includes the following updates:
1. Add WebLogic T3 Deserialization Remote Code Execution Vulnerability Plug-in.
2. Add Ruijie RG-UAC System Information Disclosure Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2112 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2112 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2113 .

The upgrade package includes the following update:
1. Add Weaver E-cology OA Unauthenticated Arbitrary File Upload Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2111 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2111 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2112 .

The upgrade package includes the following updates:
1. Add Coremail Privilege Bypass Vulnerability Plug-in.
2. Add Coremail Tomcat Server Manager Weak Password Vulnerability Plug-in.
3. Add Ruijie Smartweb Manager System Weak Password Vulnerability Plug-in.
4. Add Datang AC System Weak Password Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2110 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2110 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2111 .

The upgrade package includes the following updates:
1. Add TongWeb Arbitrary File Upload Vulnerability Plug-in.
2. Add Kyan network monitoring device account and password leak vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2109 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2109 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2110 .

The upgrade package includes the following updates:
1. Add Seeyon A6-m User Session Information Disclosure Vulnerability Plug-in.
2. Add Seeyon A6-m test.jsp SQL Injection Vulnerability Plug-in.
3. Add Seeyon A6-m setextno.jsp SQL Injection Vulnerability Plug-in.
4. Add Ruijie NBR EWEB Remote Command Execution Vulnerability (CNVD-2021-09650) Plug-in.
5. Add Leagsoft IT Secure Management System Arbitrary File Upload Vulnerability Plug-in.
6. Add Seeyon A8-m Status Monitor Page Default Password Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2108 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2108 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2109 .

The upgrade package includes the following updates:
1. Add Office Anywhere Online User Cookie Disclosure Vulnerability Plug-in.
2. Add Inspur ClusterEngine System SysShell Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2107 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2107 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2108 .

The upgrade package includes the following updates:
1. Add Hikvision Streaming Media Manager Devices Arbitrary File Read Vulnerability (CNVD-2021-16007) Plug-in.
2. Add Hikvision Streaming Media Manager Devices Weakpassword (CNVD-2021-14544) Plug-in.
3. Add Kingsoft V8+ Endpoint Safety System Default Password Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2106 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2106 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2107 .

The upgrade package includes the following updates:
1. Add QI-ANXIN Endpoint Security Management System (Tianqing) SQL Injection Vulnerability Plug-in.
2. Add QI-ANXIN Endpoint Security Management System (Tianqing) Database Infomation Disclosure Vulnerability Plug-in.
3. Add eYou Mail System Remote Code Execution Vulnerability Plug-in.
4. Add Vesystem VENGD Arbitrary File Upload Remote Code Execution Vulnerability Plug-in.
5. Add Ruijie Smartweb Manager System Information Disclosure Vulnerability Plug-in.
6. Add iKuai Router System Arbitrary File Read Vulnerability (CNVD-2020-04878) Plug-in.
7. Add Apache Shiro Privilege Bypass Vulnerability (CVE-2020-1957) Plug-in.
8. Add Apache Shiro Privilege Bypass Vulnerability (CVE-2020-11989) Plug-in.
9. Add Apache Shiro Privilege Bypass Vulnerability (CVE-2020-13933) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2105 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2105 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2106 .

The upgrade package includes the following updates:
1. Add Samsung Router WLAN AP Arbitrary File Read Vulnerability (CNVD-2021-18483) Plug-in.
2. Add Samsung Router WLAN AP Remote Code Execution Vulnerability (CNVD-2021-18482) Plug-in.
3. Add Inspur ClusterEngine System Remote Code Execution Vulnerability Plug-in.
4. Add Inspur ClusterEngine System Any User Login Vulnerability Plug-in.
5. Add ShopXO Arbitrary File Read Vulnerability (CNVD-2021-14523) Plug-in.
6. Add Yinpeng Haoshitong Arbitrary File Download Vulnerability (CNVD-2020-62437) Plug-in.
7. Add Wangkang NGFW Remote Code Execution Vulnerability Plug-in.
8. Add Yongyou NCFindWeb Directory Traversal Vulnerabilities Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2104 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2104 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2105 .

The upgrade package includes the following update:
1. Add Yongyou NC Servlet Java Deserialization Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2103 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2103 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2104 .

The upgrade package includes the following updates:
1. Add Shterm Arbitrary User Login Vulnerability Plug-in.
2. Add FineReport Arbitrary File Read Vulnerability (CNVD-2018-04757) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2102 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2102 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2103 .

The upgrade package includes the following update:
1. Add Seeyon OA Administrator Cookie Information Disclosure Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2101 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2101 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2102 .

The upgrade package includes the following updates:
1. Add Detection of Unauthorized Access Vulnerability in Target Druid Monitor Plug-in.
2. Add Detection of Weak Passwords in iBMC Plug-in.
3. Add Seeyon OA Webmail Arbitrary File Read Vulnerability Plug-in.
4. Add Seeyon OA menu.do uploadMenuIcon File Write Vulnerability Plug-in.
5. Add Seeyon OA File Upload Vulnerability (CNVD-2020-10520) Plug-in.
6. Add Seeyon OA seeyonreport Server Path Traversal Vulnerability Plug-in.
7. Add Seeyon OA officeservlet Arbitrary File Read Vulnerability Plug-in.
8. Add F5 BIG-IP iControl REST Unauthenticated Remote Command Execution Vulnerability (CVE-2021-22986) Plug-in.
9. Add vulnerability verification plug-ins (The vulnerability verification function can work only in V6.0R04F00 and later).

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2100 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2100 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2101 .

The upgrade package includes the following updates:
1. Add Weaver E-cology OA V9 Arbitrary File Upload Remote Code Execution Vulnerability Plug-in.
2. Add Jellyfin Arbitrary File Read Vulnerability (CVE-2021-21402) Plug-in .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.20* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2100 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.2001.dat to rsas-vulweb-V6.0R02F00.2006.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2005 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2005 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2006 .

The upgrade package includes the following updates:
1. Add Yonyou Arbitrary File Upload Vulnerability Plug-in.
2. Add Seeyon A8+ Collaborative Management Software Arbitrary File Upload Remote Code Execution Vulnerability Plug-in.
3. Add Seeyon OA ajax.do Privilege Bypass Vulnerability Plug-in.
4. Add Seeyon OA ajaxAction formulaManager File Upload Vulnerability Plug-in.
5. Add Seeyon OA m3 Interface Information Disclosure Vulnerability Plug-in.
6. Update LDAP Injection Detected on Target Website Plug-in.
7. Update Weaver E-cology OA V8 Arbitrary File Upload Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2004 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2004 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2005 .

The upgrade package includes the following updates:
1. Add Spring Boot Actuator Detected to Be Used at Target Site Plug-in.
2. Add Microsoft Exchange Server Server-Side Request Forgery Vulnerability (CVE-2021-26855) Plug-in.
3. Update Spring Boot Actuator Unauthorized Access Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2003 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2003 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2004 .

The upgrade package includes the following updates:
1. Add GoAhead Remote Command Execution Vulnerability Plug-in.
2. Update SQL Injection Vulnerability Detected on Target URL Plug-in.
3. Update WebLogic Deserialization Remote Code Execution Vulnerability (CVE-2019-2725) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2002 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2002 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2003 .

The upgrade package includes the following updates:
1. Add Laravel Ignition 2.5.1 Arbitrary Code Execution Vulnerability (CVE-2021-3129) Plug-in.
2. Add WebLogic Remote Code Execution Vulnerability (CVE-2021-2109) Plug-in.
3. Add SonicWall SSL-VPN Unauthentication RCE Vulnerability Plug-in.
4. Add Apache Druid Remote Code Execution Vulnerability (CVE-2021-25646) Plug-in.
5. Add Jackson-databind Multi Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2001 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2001 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2002 .

The upgrade package includes the following updates:
1. Add Node.js Directory Traversal Vulnerability (CVE-2017-14849) Plug-in.
2. Add Jackson-databind Remote Code Execution Vulnerability (CVE-2020-36179) Plug-in.
3. Add JumpServer Unauthorized Access Remote Command Execution Vulnerability Plug-in.
4. Update WebLogic wls-wsat Component Remote Command Execution Vulnerability (CVE-2017-10271) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.2000 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.2000 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2001 .

The upgrade package includes the following updates:
1. Add Authentication Bypass for HTTP Verb Tampering Plug-in.
2. Add Detection of Absence of the Strict-Transport-Security Header on the Target Plug-in.
3. Add Detection of Absence of the Referrer-Policy Header on the Target Plug-in.
4. Add Detection of Absence of the X-Permitted-Cross-Domain-Policies Header on the Target Plug-in.
5. Add Detection of Absence of the X-Download-Options Header on the Target Plug-in.
6. Add Apache Flink Directory Traversal Vulnerability (CVE-2020-17519) Plug-in.
7. Update System Command Injection Vulnerability Detected in Target URL Plug-in.
8. Update Detection of Source Code Disclosure in the Target Website Plug-in.
9. Update Elasticsearch Groovy Arbitrary Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.19* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.2000 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.1901.dat to rsas-vulweb-V6.0R02F00.1909.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1908 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1908 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1909 .

The upgrade package includes the following updates:
1. Add Flask (Jinja2) Server-Side Template Injection (SSTI) Vulnerability Plug-in.
2. Add Yongyou NC Java Deserialization Remote Code Execution Vulnerability Plug-in.
3. Add Jetty Web Server Shared Buffers Remote Disclosure Vulnerability (CVE-2015-2080) Plug-in.
4. Add SiteServer background_log.aspx SQL Injection Vulnerability Plug-in.
5. Add eYou Mail System em_controller_action_help.class.php SQL Injection Vulnerability Plug-in.
6. Add KesionCMS 6.x-7.06 /user/reg/regajax.asp SQL Injection Vulnerability Plug-in.
7. Update Spring Boot Actuator Unauthorized Access Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1907 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1907 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1908 .

The upgrade package includes the following update:
1. Add Apache Struts2 S2-061 Remote Code Execution Vulnerability (CVE-2020-17530) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1906 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1906 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1907 .

The upgrade package includes the following updates:
1. Add vulnerability verification plug-ins (The vulnerability verification function can work only in V6.0R04F00 and later).
2. Add Apache Struts2 S2-017 Multiple Open Redirect Vulnerabilities (CVE-2013-2248) Plug-in.
3. Add DedeCMS 5.7SP1 /plus/recommend.php SQL Injection Vulnerability Plug-in.
4. Update SQL Injection Vulnerability Detected on Target URL Plug-in.
5. Update ASP Code Injection Vulnerability Detected at Target Website Plug-in.
6. Update System Directory Disclosure on Target Server Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1905 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1905 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1906 .

The upgrade package includes the following updates:
1. Add vulnerability verification plug-ins (The vulnerability verification function can work only in V6.0R04F00 and later).
2. Update Detection of Weak Password on Target Web Application Form Plug-in.
3. Update SQL Injection Login Restriction Bypass Vulnerability on Target Website Plug-in.
4. Update WebLogic Deserialization Remote Code Execution Vulnerability (CVE-2019-2725) Plug-in.
5. Update Apache Struts 2 S2-059 Remote Code Execution Vulnerability (CVE-2019-0230) Plug-in.
6. Update Detection of Sensitive Words in the Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1904 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1904 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1905 .

The upgrade package includes the following updates:
1. Add vulnerability verification plug-ins (The vulnerability verification function can work only in V6.0R04F00 and later).
2. Add Weaver E-cology OA V8 Arbitrary File Upload Remote Code Execution Vulnerability Plug-in.
3. Add Apache Shiro RememberMe Deserialization Process Command Execution Vulnerability Plug-in.
4. Add Spring Data Commons Remote Command Execution Vulnerability (CVE-2018-1273) Plug-in.
5. Add Detection of Sensitive Words in the Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1903 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1903 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1904 .

The upgrade package includes the following updates:
1. Add WebLogic Console HTTP Remote Code Execution Vulnerability (CVE-2020-14883) Plug-in.
2. Add WebLogic Console Unauthorized Access Vulnerability (CVE-2020-14882) Patch Bypass Plug-in.
3. Add WebLogic Console Unauthorized Access Vulnerability (CVE-2020-14882) Plug-in.
4. Update WebLogic Console HTTP Unauthorized Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1902 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1902 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1903 .

The upgrade package includes the following updates:
1. Add vulnerability verification plug-ins (The vulnerability verification function can work only in V6.0R04F00 and later).
2. Add WebLogic HTTP Deserialization Vulnerability (CVE-2020-14882) Plug-in.
3. Add ZenTao Project Management Software Arbitrary File Read Vulnerability Plug-in.
4. Add ZenTao Project Management Software Arbitrary File Upload Vulnerability Plug-in.
5. Update Apache Struts2 S2-032 Remote Code Execution Vulnerability (CVE-2016-3081) Plug-in.
6. Update Apache Struts2 S2-033 Remote Code Execution Vulnerability (CVE-2016-3087) Plug-in.
7. Update ThinkPHP 5.x request.php Variable Overwrite Remote Code Execution Vulnerability Plug-in.
8. Update Apache Struts2 S2-045 Remote Code Execution Vulnerability (CVE-2017-5638) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1901 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1901 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1902 .

The upgrade package includes the following updates:
1. Add vulnerability verification plug-ins (The vulnerability verification function can work only in V6.0R04F00 and later).

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1900 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1900 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1901 .

The upgrade package includes the following updates:
1. Add Django GIS SQL Injection Vulnerability (CVE-2020-9402) Plug-in.
2. Add Detection of the Web Service of Moxa Networking Devices Plug-in.
3. Add Detection of an Unauthorized Access Vulnerability on the Web-based Manager of Moxa MGate Plug-in.
4. Add Detection of an Unauthorized Access Vulnerability on the Web-based Manager of CanHigher NC600 Plug-in.
5. Update Detection of Weak Password on Target Web Application Form Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.18* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1900 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.1801.dat to rsas-vulweb-V6.0R02F00.1817.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1816 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1816 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1817 .

The upgrade package includes the following updates:
1. Add FastAdmin Front Desk Member Center Arbitrary Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1815 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1815 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1816 .

The upgrade package includes the following updates:
1. Add Yii2 Deserialization Remote Code Execution Vulnerability (CVE-2020-15148) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1814 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1814 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1815 .

The upgrade package includes the following updates:
1. Add WebLogic Arbitrary File Upload Vulnerability (CVE-2018-2894) Plug-in.
2. Add WebLogic IIOP Deserialization Vulnerability (CVE-2020-2551) Plug-in.
3. Add Jenkins Arbitrary File Read Vulnerability (CVE-2018-1999002) Plug-in.
4. Update Apache Solr Remote Code Execution Vulnerability (CVE-2019-0193) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1813 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1813 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1814 .

The upgrade package includes the following updates:
1. Add Office Anywhere delete_cascade.php SQL Injection Vulnerability Plug-in.
2. Add Office Anywhere print.php Arbitrary File Deletion Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1812 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1812 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1813 .

The upgrade package includes the following updates:
1. Add Leagsoft UniNID Arbitrary File Upload Vulnerability Plug-in.
2. Add Weaver E-cology OA System SQL Injection Vulnerability Plug-in.
3. Add Wrdtech WebVPN Command Injection Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

本升级包为web插件升级包，支持的web插件版本为V6.0R02F00.1811。升级包为增量升级包，升级后系统版本不变，web插件版本变更为V6.0R02F00.1812。

该升级包包含的变动有：
1. 增加泛微云桥e-bridge任意文件读取漏洞扫描插件。

注意事项：
1. 本升级包升级完成后自动重启引擎生效，升级过程中可能会影响正在使用的功能，请选择在合适的时间进行升级。]]></description>
<description lang="en_US"><![CDATA[
This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1811 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1811 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1812 .

The upgrade package includes the following updates:
1. Add E-bridge Arbitrary File Reading Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1810 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1810 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1811 .

The upgrade package includes the following updates:
1. Add Apache DolphinScheduler Permission Overwrite Vulnerability(CVE-2020-13922) Plug-in.
2. Add Yongyou GRP-U8 Remote Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1809 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1809 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1810 .

The upgrade package includes the following updates:
1. Add SANGFOR Endpoint Detection Response (EDR) Arbitrary Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1808 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1808 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1809 .

The upgrade package includes the following updates:
1. Add BT-Panel Database Management Unauthorized Access Vulnerability Plug-in.
2. Update WordPress Pingback Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.]

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1807 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1807 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1808 .

The upgrade package includes the following updates:
1. Add SANGFOR Endpoint Detection Response (EDR) Arbitrary User Login Vulnerability Plug-in.
2. Add Apache Shiro RememberMe Parameter Key Enumeration Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1806 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1806 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1807 .

The upgrade package includes the following updates:
1. Add SANGFOR EDR Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1805 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1805 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1806 .

The upgrade package includes the following updates:
1. Add Office Anywhere retrieve_pwd.php SQL injection Vulnerability Plug-in.
2. Add Office Anywhere upload.php Arbitrary File Upload Vulnerability Plug-in.
3. Add Office Anywhere getdata.php Arbitrary File Upload Vulnerability Plug-in.
4. Add Office Anywhere upload.php Arbitrary File Delete Vulnerability Plug-in.
5. Add Office Anywhere second_tabs.php File Inclusion Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1804 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1804 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1805 .

The upgrade package includes the following updates:
1. Add Apache Struts 2 S2-059 Remote Code Execution Vulnerability (CVE-2019-0230) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1803 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1803 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1804 .

The upgrade package includes the following updates:
1. Update Apache Struts 2 S2-057 Remote Code Execution Vulnerability (CVE-2018-11776) Plug-in.
2. Update WebLogic Java Unserialize Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1802 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1802 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1803 .

The upgrade package includes the following update:
1. Add WebLogic Deserialization Remote Code Execution Vulnerability (CVE-2020-14645) Plug-in.
2. Add Spring Boot Actuator Unauthorized Access Plug-in.
3. Add Apache Shiro RememberMe 1.2.4 Deserialization Process Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1801 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1801 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1802 .

The upgrade package includes the following update:
1. Add Apache Dubbo Remote Code Execution Vulnerability (CVE-2020-1948) Plug-in.
2. Add Apache Dubbo Remote Code Execution Vulnerability (CVE-2020-1948) Patch Bypass Plug-in.
3. Add Apache Struts 2 S2-012 Remote Code Execution Vulnerability (CVE-2013-1965) Plug-in.
4. Add Apache Struts 2 S2-015 Remote Code Execution Vulnerability (CVE-2013-2134) Plug-in.
5. Add Apache Struts 2 S2-055 Jackson Deserialization Vulnerability (CVE-2017-7525) Plug-in.
6.Update Possible Slow HTTP Denial-of-Service Attack Detected on Target Hosts Plug-in.
7.Update Fastjson Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1800 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1800 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1801 .

The upgrade package includes the following update:
1. Add F5 BIG-IP TMUI Remote Code Execution Vulnerability(CVE-2020-5902) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.17* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1800 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.1701.dat to rsas-vulweb-V6.0R02F00.1709.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1708 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1708 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1709 .

The upgrade package includes the following update:
1. Add TRS WCM Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1707 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1707 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1708 .

The upgrade package includes the following updates:
1. Add ApereoCAS 4.1.X Default Key Deserialization Vulnerability Plug-in.
2. Add Hessian Deserialization Remote Code Execution Vulnerability Plug-in.
3. Add Detection of Absence of the Content-Security-Policy Header on the Target Plug-in.
4. Add Detection of Absence of the X-Content-Type-Options Header on the Target Plug-in.
5. Add Detection of Absence of the X-XSS-Protection Header on the Target Plug-in.
6. Add Detection of Client (JavaScript) Cookie Reference on the Target URL Plug-in.
7. Update Fastjson Unserialize Remote Code Execution Vulnerability (CNVD-2020-30827) Plug-in.
8. Update Detection of Weak Password on Target Web Application Form Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1706 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1706 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1707 .

The upgrade package includes the following update:
1. Add Fastjson Unserialize Remote Code Execution Vulnerability (CNVD-2020-30827) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1705 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1705 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1706 .

The upgrade package includes the following updates:
1. Add Apache ActiveMQ Web Console Unauthorized Access Vulnerability Plug-in.
2. Add Apache ActiveMQ Fileserver Arbitrary File Upload Vulnerability (CVE-2016-3088) Plug-in.
3. Add Apache ActiveMQ Fileserver Remote Code Execution Vulnerability (CVE-2016-3088) Plug-in.
4. Add Apache ActiveMQ OpenWire Protocol Information Disclosure Vulnerability (CVE-2017-15709) Plug-in.
5. Add Apache ActiveMQ Directory Traversal Vulnerability (CVE-2015-1830) Plug-in.
6. Add Apache Hadoop YARN Resource Manager REST API Unauthorized Access Vulnerability Plug-in.
7. Update Detection of Slow HTTP Denial-of-Service Attack on Target Host Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1704 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1704 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1705 .

The upgrade package includes the following updates:
1. Add Adobe ColdFusion Deserialization Security Vulnerability (CVE-2017-3066) Plug-in.
2. Add Apache Flex BlazeDS AMF Deserialization Vulnerability (CVE-2017-5641) Plug-in.
3. Add Apache ActiveMQ Deserialization Vulnerability (CVE-2015-5254) Plug-in.
4. Add Detection of Hidden Links in the Target URL Plug-in.
5. Update Apache Flex BlazeDS XML External Entity Vulnerability (CVE-2015-3269) Plug-in.
6. Update Detection of Slow HTTP Denial-of-Service Attack on Target Host Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1703 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1703 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1704 .

The upgrade package includes the following update:
1. Add Adobe LiveCycle Data Services XXE Vulnerability（CVE-2015-3269） Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1702 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1702 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1703 .

The upgrade package includes the following updates:
1. Add Office Anywhere Frontend Arbitrary User Impersonation Login Vulnerability Plug-in.
2. Add Office Anywhere Arbitrary File Inclusion Vulnerability Plug-in.
3. Add Fastjson Prior to 1.2.68 Remote Code Execution Vulnerability Plug-in.
4. Add Fastjson Prior to 1.2.67 Remote Code Execution Vulnerability Plug-in.
5. Update Detection of Weak Password on Target Web Application Form Plug-in.
6. Update SQL Injection Login Restriction Bypass Vulnerability on Target Website Plug-in.
7. Update KindEditor File Upload Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1701 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1701 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1702 .

The upgrade package includes the following updates:
1. Add WebLogic T3 Remote Code Execution Vulnerability (CVE-2020-2884) Plug-in.
2. Add WebLogic T3 Remote Code Execution Vulnerability (CVE-2020-2883) Plug-in.
3. Update ElasticSearch Remote Code Execution Vulnerability Plug-in.
4. Update Unauthorized Access Detected to Target MongoDB Database Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1700 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1700 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1701 .

The upgrade package includes the following updates:
1. Add Office Anywhere Arbitrary File Upload Vulnerability Plug-in.
2. Add Office Anywhere Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.16* . This upgrade package is a merged upgrade package . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1700 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.1601.dat to rsas-vulweb-V6.0R02F00.1607.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1606 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1606 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1607 .

The upgrade package includes the following updates:
1.Update Malicious Code Exists on the Page Plug-in.
2.Update Detection of Relative Path Overwrite Vulnerability in Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1605 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1605 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1606 .

The upgrade package includes the following updates:
1.Add Weblogic Coherence Deserialization Remote Code Execution Vulnerability (CVE-2020-2555) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1604 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1604 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1605 .

The upgrade package includes the following updates:
1.Add Fastjson Remote Code Execution Vulnerability (CVE-2020-8840) Plug-in.
2.Update Apache Tomcat File Include Vulnerability (CVE-2020-1938) Plug-in.
3.Update Session Cookies Detected to Be Without Secure Attribute Plug-in.
4.Update SQL Injection Vulnerability Detected on Target URL Plug-in.
5.Update Detection of Weak Password on Target Web Application Form Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1603 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1603 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1604 .

The upgrade package includes the following updates:
1.Update Apache Tomcat File Include Vulnerability（CVE-2020-1938） Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1602 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1602 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1603 .

The upgrade package includes the following updates:
1. Add Apache Tomcat File Include Vulnerability（CVE-2020-1938） Plug-in.
2. Update Drupal Remote Code Execution Vulnerability (CVE-2018-7600) Plug-in.
3. Update Detection of JavaScript Framework/Library Vulnerability in Target Website Plug-in.
4. Update jQuery Cross-Site Scripting Vulnerability Plug-in.
5. Update Detection of CSRF Vulnerability on Target Website Plug-in.
6. Update Session Cookies Detected to Be Without Secure Attribute Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1601 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1601 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1602 .

The upgrade package includes the following updates:
1. Update allowscriptaccess of Flash Detected to Be always Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1600 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1600 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1601 .

The upgrade package includes the following updates:
1. Update Account Files Detected on Target Website Plug-in.
2. Update SNMP Weak Password Sensitive Information Disclosure Plug-in.
3. Update Detection of Anonymous Access to Target FTP Service Plug-in.
4. Update CouchDB Unauthorized Access System Command Execution Plug-in.
5. Update Detection of Unauthorized Access Vulnerability in Target Solr Plug-in.
6. Update WebLogic Java Unserialize Remote Code Execution Vulnerability Plug-in.
7. Update WebSphere Java Unserialize Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.15* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1600 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.1501.dat to rsas-vulweb-V6.0R02F00.1505.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1504 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1504 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1505 .

The upgrade package includes the following updates:
1. Add Detection of Relative Path Overwrite Vulnerability in Target URL Plug-in.
2. Update Detection of Brue-Force Attack on Forms of Target Web Application Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1503 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1503 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1504 .

The upgrade package includes the following updates:
1. Update the solution for fixing ClickJacking: X-Frame-Options Not Configured.
2. Update Detection of Identity Card Numbers Leakage on Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1502 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1502 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1503 .

The upgrade package includes the following update:
1. Add Apache Flink Arbitrary JAR Package Upload Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1501 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1501 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1502 .

The upgrade package includes the following updates:
1. Add Apache Solr Velocity Module Remote Command Execution Vulnerability Plug-in.
2. Add UEditor Arbitrary File Upload Vulnerability Plug-in.
3. Add Detection of UEditor Editor on Target Website Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1500 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1500 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1501 .

The upgrade package includes the following updates:
1. Add phpStudy Backdoor Arbitrary Code Execution Vulnerability Plug-in.
2. Update Fastjson Remote Code Execution Vulnerability Plug-in.
3. Update SQL Injection Vulnerability Detected on Target URL Plug-in.
4. Update XSS Vulnerability Detected On Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.14* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1500 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.1401.dat to rsas-vulweb-V6.0R02F00.1407.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1406. This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1406. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1407.

The upgrade package includes the following update:
1. Add E-Cology OA System Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.]

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1405. This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1405. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1406.

The upgrade package includes the following update:
1. Update Microsoft Windows MHTML Script Code Injection Vulnerability (MS11-026) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1404. This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1404. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1405.

The upgrade package includes the following update:
1. Add Webmin Remote Command Execution Vulnerability (CVE-2019-15107) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1403. This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1403. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1404.

The upgrade package includes the following update:
1. Update TLS Heartbeat Extension Pack Remote Information Disclosure Vulnerability (CVE-2014-0160) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1402. This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1402. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1403.

The upgrade package includes the following update:
1. Add Apache Solr Remote Code Execution Vulnerability (CVE-2019-0193) Plug-in.
2. Add ProFTPd Arbitrary File Copy Vulnerability (CVE-2019-12815) Plug-in.
3. Add Jackson-databind Remote Code Execution Vulnerability (CVE-2019-12384) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1401. This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1401. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1402.

The upgrade package includes the following update:
1. Add Jira Template Injection Remote Code Execution Vulnerability(CVE-2019-11581) Plug-in.
2. Add Fastjson Remote Code Execution Vulnerability Plug-in.
3. Update Link Injection Vulnerability Detected in Target URL Plug-in.
4. Update Frame Injection Vulnerability Detected in Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1400. This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1400. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1401.

The upgrade package includes the following update:
1. Add Confluence Directory Traversal and Remote Code Execution Vulnerabilities (CVE-2019-3396) Plug-in.
2. Update ThinkPHP 5.x request.php Variable Overwrite Remote Code Execution Vulnerability Plug-in.
3. Update Detection of Source Code Disclosure in the Target Website Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.13* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1400 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.1301.dat to rsas-vulweb-V6.0R02F00.1311.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1310 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1310 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1311 .

The upgrade package includes the following updates:
1. Update Frame Injection Vulnerability Detected in Target URL Plug-in.
2. Update Clickjacking: X-Frame-Options Not Configured Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1309 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1309 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1310 .

The upgrade package includes the following updates:
1. Add WebLogic Deserialization Remote Code Execution Vulnerability(CVE-2019-2725 Patch Bypass) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1308 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1308 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1309 .

The upgrade package includes the following updates:
1. Update Session Cookies Detected to Be Without Secure Attribute Plug-in.
2. Update Session Cookies Detected to Be Without HttpOnly Attribute Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1307 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1307 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1308 .

The upgrade package includes the following updates:
1. Add WebLogic Blind XML External Entity (XEE) Vulnerability (CVE-2019-2648) Plug-in.
2. Add WebLogic Blind XML External Entity (XEE) Vulnerability (CVE-2019-2649) Plug-in.
3. Add WebLogic Blind XML External Entity (XEE) Vulnerability (CVE-2019-2650) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1306 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1306 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1307 .

The upgrade package includes the following updates:
1. Update the risk score for some vulnerabilities.
2. Update the CVSS score for some vulnerabilities.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1305 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1305 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1306 .

The upgrade package includes the following updates:
1. Update SQL Injection Vulnerability Detected on Target URL Plug-in.
2. Update Detection of Weak Password on Target Web Application Form Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1304 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1304 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1305 .

The upgrade package includes the following update:
1. Update WebLogic Deserialization Remote Code Execution Vulnerability (CVE-2019-2725) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1303 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1303 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1304 .

The upgrade package includes the following update:
1. Update WebLogic wls9-async Component Deserialization Remote Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1302 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1302 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1303 .

The upgrade package includes the following update:
1. Add WebLogic wls9-async Component Deserialization Remote Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1301 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1301 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1302 .

The upgrade package includes the following updates:
1. Add WebLogic Blind XML External Entity (XEE) Vulnerability (CVE-2019-2647) Plug-in.
2. Update WebSphere Java Unserialize Remote Code Execution Vulnerability Plug-in.
3. Update SQL Injection Vulnerability Detected on Target URL Plug-in.
4. Update ThinkPHP 5.0.x and 5.1.x Improper Controller Filtering Remote Code Execution Vulnerability Plug-in.
5. Update ThinkPHP 5.x request.php Variable Overwrite Remote Code Execution Vulnerability Plug-in.
6. Update WebDAV Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1300 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1300 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1301 .

The upgrade package includes the following update:
1. Update TLS Heartbeat Extension Pack Remote Information Disclosure Vulnerability (CVE-2014-0160) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.12*. This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1300.

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.1201.dat to rsas-vulweb-V6.0R02F00.1206.dat.

Notes:
1.When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1205. This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1205. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1206.

The upgrade package includes the following update:
1.Update SQL Injection Vulnerability Detected on Target URL Plug-in;
2.Update System Command Injection Vulnerability Detected in Target URL Plug-in;
3.Update Arbitrary File Access Vulnerability Detected on Target Host Plug-in.

Notes:
1.When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1204. This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1204. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1205.

The upgrade package includes the following update:
1.Add KindEditor File Upload Vulnerability Plug-in;
2.Add Drupal Remote Code Execution Vulnerability (CVE-2019-6340) Plug-in;
3.Update Microsoft Windows MHTML Script Code Injection Vulnerability (MS11-026) Plug-in.

Notes:
1.When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1203. This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1203. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1204.

The upgrade package includes the following update:
1.Update ThinkPHP 5.0.x and 5.1.x Improper Controller Filtering Remote Code Execution Vulnerability Plug-in;
2.Update Local File Inclusion Vulnerability on Target Website Plug-in.

Notes:
1.When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1202. This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1202. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1203.

The upgrade package includes the following update:
1.Update WebLogic wls-wsat Component Remote Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1201 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1202 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1202.

The upgrade package includes the following update:
1.Update ThinkPHP 5.0.x and 5.1.x Improper Controller Filtering Remote Code Execution Vulnerability Plug-in;
2.Update WebLogic wls-wsat Component Remote Command Execution Vulnerability Plug-in;
3.Add ThinkPHP 5.x request.php Variable Overwrite Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1200 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1200 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1201 .

The upgrade package includes the following update:
1. Update ThinkPHP 5.x Remote Command Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.11* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1200 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.1101.dat to rsas-vulweb-V6.0R02F00.1105.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1104 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1104 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1105 .

The upgrade package includes the following updates:
1. Add ThinkPHP 5.x Remote Command Execution Vulnerability Plug-in.
2. Update Permanent Cookies Detected in Target Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1103 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1103 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1104 .

The upgrade package includes the following updates:
1. Update IIS Location Information Disclosure Plug-in.
2. Update Detection of Weak Password on Target Web Application Form Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1102 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1102 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1103 .

The upgrade package includes the following update:
1. Update SQL Injection Vulnerability Detected on Target URL Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1101 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1101 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1102 .

The upgrade package includes the following updates:
1. Update SQL Injection Vulnerability Detected on Target URL Plug-in.
2. Update WebLogic Java Unserialize Remote Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1100 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1100 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1101 .

The upgrade package includes the following updates:
1. Add WebLogic Remote Code Execution Vulnerability (CVE-2018-3191) Plug-in.
2. Add WebLogic Remote Code Execution Vulnerability (CVE-2018-3245) Plug-in.
3. Add PHPCMS 2008 yp/web/index.php Code Execution Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.10* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1100 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.1001.dat to rsas-vulweb-V6.0R02F00.1008.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1007 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1007 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1008 .

The upgrade package includes the following updates:
1. Add Apache Struts2 S2-013 Remote Code Execution Vulnerability (CVE-2013-1966) Plug-in.
2. Add Apache Struts2 S2-014 Remote Code Execution Vulnerability (CVE-2013-2115) Plug-in.
3. Add JBoss Application Server EJBInvokerServlet/JMXInvokerServlet Remote Code Execution Vulnerability (CVE-2013-4810) Plug-in.
4. Update Apache Struts2 S2-019 Remote Code Execution Vulnerability (CVE-2013-4316) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1006 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1006 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1007 .

The upgrade package includes the following updates:
1. Update XSS Vulnerability Detected On Target URL Plug-in.
2. Update Detection of Identity Card Numbers Leakage on Target URL Plug-in.
3. Update User Name or Password Detected in Target Web Application Login Form Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1005 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1005 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1006

The upgrade package includes the following update:
1. Update Apache Struts 2 S2-057 Remote Code Execution Vulnerability (CVE-2018-11776) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1004 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1004 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1005 .

The upgrade package includes the following update:
1. Add Detection of Source Code Disclosure in the Target Website Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1003 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1003 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1004 .

The upgrade package includes the following update:
1. Add Apache Struts2 S2-057 Remote Code Execution Vulnerability (CVE-2018-11776) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1002 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1002 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1003 .

The upgrade package includes the following updates:
1. Update WebLogic wls-wsat Component Remote Command Execution Vulnerability Plug-in.
2. Update Clickjacking: X-Frame-Options Not Configured Plug-in.
3. Update Detection of JavaScript Framework/Library Vulnerability in Target Website Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1001 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1001 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1002 .

The upgrade package includes the following updates:
1. Update plug-in database and plug-in template.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.1000 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.1000 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1001 .

The upgrade package includes the following update:
1. Update Local File Inclusion Vulnerability on Target Website Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.09* . This upgrade package is a merged upgrade package. After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.1000 .

This upgrade package involves the changes during upgrade from rsas-vulweb-V6.0R02F00.0901.dat to rsas-vulweb-V6.0R02F00.0907.dat .

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0906 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0906 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0907 .

The upgrade package includes the following updates:
1. Update Apache Tomcat Installer Default Password Vulnerability Plug-in.
2. Update CmsEasy Improper Image Cropping GetShell Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0905 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0905 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0906 .

The upgrade package includes the following updates:
1. Add Drupal Remote Code Execution Vulnerability (CVE-2018-7600) Plug-in.
2. Add Drupal Remote Code Execution Vulnerability (CVE-2017-6920) Plug-in.
3. Update Detection of Weak Password on Target Web Application Form Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0904 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0904 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0905 .

The upgrade package includes the following updates:
1. Update GNU Bash Environment Variable Remote Command Execution Vulnerability Plug-in.
2. Update Drupal Sections Module XSS Vulnerability Plug-in.
3. Update Drupal 7.15 Multiple Pages Physical Path Exposure Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0903 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0903 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0904 .

The upgrade package includes the following updates:
1. Update WebLogic Deserialization Remote Code Execution Vulnerability (CVE-2018-2628) Plug-in.
2. Update Apache Struts2 S2-045 Remote Code Execution Vulnerability Plug-in.
3. Update jQuery Cross-Site Scripting Vulnerability Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0902 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0902 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0903 .

The upgrade package includes the following updates:
1. Update WebLogic Deserialization Remote Code Execution Vulnerability (CVE-2018-2628) Plug-in.
2. Update Detection of Information Disclosure Vulnerability on Target JBoss Plug-in.
3. Update ElasticSearch Remote Code Execution Vulnerability Plug-in.
4. Update Detection of JavaScript Framework/Library Vulnerability in Target Website Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0901 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0901 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0902 .

The upgrade package includes the following update:
1. Add WebLogic Java Unserialize Remote Code Execution Vulnerability (CVE-2018-2628) Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.

This is a web plug-in upgrade package, which supports the web plug-in version of V6.0R02F00.0900 . This upgrade package is for incremental upgrade from the web plug-in version of V6.0R02F00.0900 . After upgrade, the system version remains unchanged, but the web plug-in version is updated to V6.0R02F00.0901 .

The upgrade package includes the following updates:
1. Update Detection of Weak Password on Target Web Application Form Plug-in.
2. Update Database Connection File of Target Website Detected to Be Leaked Plug-in.

Notes:
1. When the upgrade is completed, the engine automatically restarts, which will affect functions being used. Please perform the upgrade at an appropriate time.