漏洞标题 CVE-2018-16761: Eventum <3.4.0 - Open Redirect 漏洞描述 Eventum before 3.4.0 contains an open redirect vulnerability. An attacker can redirect a user to a malicious sit...

漏洞标题 Apache Solr XXE漏洞(CVE-2017-12629) 漏洞描述 【漏洞对象】Apache Solr 【涉及版本】Apache Solr before 7.1.0 【漏洞描述】该漏洞可用于任何参数为deftype =xmlparser的查询请求，...

漏洞标题 74CMS任意文件读取(CVE-2022-26271) 漏洞描述 74CMS人才招聘系统/upload/application/index/controller/Download.php文件任意文件读取漏洞，可读取系统配置等文件，导致网站处于极度不...

漏洞标题 CVE-2022-4140: WordPress Welcart e-Commerce <2.8.5 - Arbitrary File Access 漏洞描述 WordPress Welcart e-Commerce plugin before 2.8.5 is susceptible to arbitrary file ac...

漏洞标题 CVE-2025-26319: FlowiseAI Flowise <= 2.2.6 - Arbitrary File Upload 漏洞描述 FlowiseAI Flowise version 2.2.6 and below contains an arbitrary file upload vulnerability in...

漏洞标题 CVE-2022-22954: VMware Workspace ONE Access - Server-Side Template Injection 漏洞描述 VMware Workspace ONE Access is susceptible to a remote code execution vulnerability d...

漏洞标题 CVE-2016-1000134: WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting 漏洞描述 WordPress HDW Video Gallery 1.2 and before contains a cross-site scripting vulnerabi...

漏洞标题 CVE-2018-10737: Nagios XI SQL Inject 漏洞描述 Nagios XI SQL Inject PoC代码

漏洞标题 CVE-2019-10692: WordPress Google Maps <7.11.18 - SQL Injection 漏洞描述 WordPress Google Maps plugin before 7.11.18 contains a SQL injection vulnerability. The plugin i...

漏洞标题 CVE-2020-24881: OsTicket < 1.14.3 - Server Side Request Forgery 漏洞描述 SSRF vulnerability exists in osTicket before 1.14.3, allowing an attacker to add malicious file...

漏洞标题 CVE-2021-24838: WordPress AnyComment <0.3.5 - Open Redirect 漏洞描述 WordPress AnyComment plugin before 0.3.5 contains an open redirect vulnerability via an API endpoin...

漏洞标题 CVE-2022-0349: WordPress NotificationX <2.3.9 - SQL Injection 漏洞描述 WordPress NotificationX plugin prior to 2.3.9 contains a SQL injection vulnerability. The plugin ...

漏洞标题 Atlassian Jira 模板注入漏洞（CVE-2019-11581） 漏洞描述 Atlassian JIRA Server和JIRA Data Center中存在安全漏洞。多个版本受到影响。 PoC代码 暂无

漏洞标题 CVE-2021-34621: WordPress ProfilePress 3.0.0-3.1.3 - Admin User Creation Weakness 漏洞描述 ProfilePress WordPress plugin is susceptible to a vulnerability in the user regi...

漏洞标题 CVE-2023-52251: Kafka UI 0.7.1 Command Injection 漏洞描述 An issue discovered in provectus kafka-ui 0.4.0 through 0.7.1 allows remote attackers to execute arbitrary code v...

漏洞标题 CVE-2020-29390: Zeroshell 3.9.3 - Command Injection 漏洞描述 Zeroshell 3.9.3 contains a command injection vulnerability in the /cgi-bin/kerbynet StartSessionSubmit paramet...