CVE-2023-22952: SugarCRM Unauthenticated – Remote Code Execution
漏洞标题 CVE-2023-22952: SugarCRM Unauthenticated - Remote Code Execution 漏洞描述 In SugarCRM before 12.0. Hotfix 91155, a crafted request can inject custom PHP code through the E...
CVE-2024-6289: WPS Hide Login < 1.9.16.4 - Hidden Login Page Disclosure
漏洞标题 CVE-2024-6289: WPS Hide Login < 1.9.16.4 - Hidden Login Page Disclosure 漏洞描述 The WPS Hide Login WordPress plugin before 1.9.16.4 does not prevent redirects to the l...
Atlassian Confluence CVE-2023-22515 权限提升漏洞 (阶段1: 属性修改)
漏洞标题 Atlassian Confluence CVE-2023-22515 权限提升漏洞 (阶段1: 属性修改) 漏洞描述 Atlassian Confluence CVE-2023-22515 权限提升漏洞 (阶段1: 属性修改) 日期: 2024-02-07 | 影响软件:...
CVE-2021-4448: Kaswara Modern VC Addons <= 3.0.1 - Missing Authorization
漏洞标题 CVE-2021-4448: Kaswara Modern VC Addons <= 3.0.1 - Missing Authorization 漏洞描述 The Kaswara Modern VC Addons plugin for WordPress is vulnerable to authorization bypas...
CVE-2020-13117: Wavlink Multiple AP – Remote Command Injection
漏洞标题 CVE-2020-13117: Wavlink Multiple AP - Remote Command Injection 漏洞描述 Wavlink products are affected by a vulnerability that may allow remote unauthenticated users to exe...
CVE-2008-1061: WordPress Sniplets <=1.2.2 - Cross-Site Scripting
漏洞标题 CVE-2008-1061: WordPress Sniplets <=1.2.2 - Cross-Site Scripting 漏洞描述 WordPress Sniplets 1.1.2 and 1.2.2 plugin contains a cross-site scripting vulnerability which ...
CVE-2015-9499: WordPress ShowBiz Pro <= 1.7.1 - Authenticated Arbitrary File Upload to RCE
漏洞标题 CVE-2015-9499: WordPress ShowBiz Pro <= 1.7.1 - Authenticated Arbitrary File Upload to RCE 漏洞描述 The WordPress ShowBiz Pro plugin version <= 1.7.1 allows arbitrar...
CVE-2021-39226: Grafana Snapshot – Authentication Bypass
漏洞标题 CVE-2021-39226: Grafana Snapshot - Authentication Bypass 漏洞描述 Grafana instances up to 7.5.11 and 8.1.5 allow remote unauthenticated users to view the snapshot associat...
CVE-2022-29078: Node.js Embedded JavaScript 3.1.6 – Template Injection
漏洞标题 CVE-2022-29078: Node.js Embedded JavaScript 3.1.6 - Template Injection 漏洞描述 Node.js Embedded JavaScript 3.1.6 is susceptible to server-side template injection via sett...
CVE-2025-34085: WordPress Simple File List <=4.2.2 - Remote Code Execution
漏洞标题 CVE-2025-34085: WordPress Simple File List <=4.2.2 - Remote Code Execution 漏洞描述 An unrestricted file upload vulnerability in the WordPress Simple File List plugin b...
CVE-2014-5368: WordPress Plugin WP Content Source Control – Directory Traversal
漏洞标题 CVE-2014-5368: WordPress Plugin WP Content Source Control - Directory Traversal 漏洞描述 A directory traversal vulnerability in the file_get_contents function in downloadf...
CVE-2010-4239: Tiki Wiki CMS Groupware 5.2 – Local File Inclusion
漏洞标题 CVE-2010-4239: Tiki Wiki CMS Groupware 5.2 - Local File Inclusion 漏洞描述 Tiki Wiki CMS Groupware 5.2 is susceptible to a local file inclusion vulnerability. PoC代码
CVE-2021-39350: FV Flowplayer Video Player WordPress plugin – Authenticated Cross-Site Scripting
漏洞标题 CVE-2021-39350: FV Flowplayer Video Player WordPress plugin - Authenticated Cross-Site Scripting 漏洞描述 The FV Flowplayer Video Player WordPress plugin is vulnerable to ...
CVE-2024-57514: TP-Link Archer A20 v3 Router – Cross-site Scripting
漏洞标题 CVE-2024-57514: TP-Link Archer A20 v3 Router - Cross-site Scripting 漏洞描述 The TP-Link Archer A20 v3 router is vulnerable to Cross-site Scripting (XSS) due to improper h...
CVE-2020-17518: Apache Flink 1.5.1 – Local File Inclusion
漏洞标题 CVE-2020-17518: Apache Flink 1.5.1 - Local File Inclusion 漏洞描述 Apache Flink 1.5.1 is vulnerable to local file inclusion because of a REST handler that allows file uplo...
CVE-2019-5128: YouPHPTube Encoder – Arbitrary File Write
漏洞标题 CVE-2019-5128: YouPHPTube Encoder - Arbitrary File Write 漏洞描述 Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing enc...
