lua 漏洞列表
共找到 6 个与 lua 相关的漏洞
📅 加载漏洞趋势中...
-
Redis Lua 脚本 代码执行漏洞(CVE-2025-49844) 无POC
Redis 是一个持久保存在磁盘上的开源内存数据库。8.2.1 及更低版本允许经过身份验证的用户使用特制的 Lua 脚本来作垃圾收集器,触发释放后使用,并可能导致远程代码执行。该问题存在于所有版本的 Redis 和 Lua 脚本中。此问题已在 8.2.2 版本中修复。要在不修补 redis-server 可执行文件的情况下解决此问题,可以阻止用户执行 Lua 脚本。这可以使用 ACL 来限制 EVAL 和 EVALSHA 命令来完成。 -
CVE-2023-33439: Faculty Evaluation System v1.0 - SQL Injection POC
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_task.php?id= -
CVE-2023-33440: Faculty Evaluation System v1.0 - Remote Code Execution POC
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via /eval/ajax.php?action=save_user. -
privesc-lua: lua - Privilege Escalation POC
Lua is a powerful, efficient, lightweight, embeddable scripting language. It is often used as a scripting language for game development and other applications that require a customizable and extensible scripting interface. Lua is known for its simplicity, speed, and ease of integration with other languages and systems. -
CVE-2023-33439: Faculty Evaluation System v1.0 - SQL Injection POC
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_task.php?id= -
CVE-2023-33440: Faculty Evaluation System v1.0 - Remote Code Execution POC
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via /eval/ajax.php?action=save_user.