CVE-2023-0948: WordPress Japanized for WooCommerce <2.5.8 - Cross-Site Scripting
漏洞标题 CVE-2023-0948: WordPress Japanized for WooCommerce <2.5.8 - Cross-Site Scripting 漏洞描述 WordPress Japanized for WooCommerce plugin before 2.5.8 is susceptible to cros...
CVE-2024-36837: CRMEB开源电商系统 /api/products SQL注入漏洞(CVE-2024-36837)
漏洞标题 CVE-2024-36837: CRMEB开源电商系统 /api/products SQL注入漏洞(CVE-2024-36837) 漏洞描述 该漏洞可以通过请求api的路径接口来进行SQL注入,进而可能导致敏感信息泄露,该注入可暴露后...
CVE-2023-4542: D-Link DAR-8000-10 – Command Injection
漏洞标题 CVE-2023-4542: D-Link DAR-8000-10 - Command Injection 漏洞描述 D-Link DAR-8000-10 version has an operating system command injection vulnerability. The vulnerability origin...
CVE-2023-36287: Webkul QloApps 1.6.0 – Cross-site Scripting
漏洞标题 CVE-2023-36287: Webkul QloApps 1.6.0 - Cross-site Scripting 漏洞描述 An unauthenticated Cross-Site Scripting (XSS) vulnerability found in Webkul QloApps 1.6.0 allows an at...
CVE-2024-43917: WordPress TI WooCommerce Wishlist Plugin <= 2.8.2 - SQL Injection
漏洞标题 CVE-2024-43917: WordPress TI WooCommerce Wishlist Plugin <= 2.8.2 - SQL Injection 漏洞描述 In the latest version (2.8.2 as of writing the article) and below, the plugin...
CVE-2022-0479: Popup Builder Plugin – SQL Injection and Cross-Site Scripting
漏洞标题 CVE-2022-0479: Popup Builder Plugin - SQL Injection and Cross-Site Scripting 漏洞描述 The Popup Builder WordPress plugin before 4.1.1 is vulnerable to SQL Injection and Re...
CVE-2021-32819: Nodejs Squirrelly – Remote Code Execution
漏洞标题 CVE-2021-32819: Nodejs Squirrelly - Remote Code Execution 漏洞描述 Nodejs Squirrelly is susceptible to remote code execution. Squirrelly is a template engine implemented i...
CVE-2024-8963: Ivanti Cloud Services Appliance – Path Traversal
漏洞标题 CVE-2024-8963: Ivanti Cloud Services Appliance - Path Traversal 漏洞描述 Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to ...
CVE-2019-25213: WordPress Advanced Access Manager – Path Traversal
漏洞标题 CVE-2019-25213: WordPress Advanced Access Manager - Path Traversal 漏洞描述 The Advanced Access Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary Fil...
Apache Nifi 信息泄露漏洞(CVE-2024-56512)
漏洞标题 Apache Nifi 信息泄露漏洞(CVE-2024-56512) 漏洞描述 ApacheNiFi是一款用于提取、转换和加载数据的软件工具。NiFi通过内置处理器集成了许多不同的数据类型和文件格式。通过集成FTL、S...
CVE-2021-24891: WordPress Elementor Website Builder <3.1.4 - Cross-Site Scripting
漏洞标题 CVE-2021-24891: WordPress Elementor Website Builder <3.1.4 - Cross-Site Scripting 漏洞描述 WordPress Elementor Website Builder plugin before 3.1.4 contains a DOM cross-...
CVE-2020-25780: Commvault CommCell – Local File Inclusion
漏洞标题 CVE-2020-25780: Commvault CommCell - Local File Inclusion 漏洞描述 CommCell in Commvault before 14.68, 15.x before 15.58, 16.x before 16.44, 17.x before 17.29, and 18.x be...
Apache Struts S2-046 OGNL表达式注入漏洞(CVE-2017-5638)
漏洞标题 Apache Struts S2-046 OGNL表达式注入漏洞(CVE-2017-5638) 漏洞描述 Apache Struts S2-046 OGNL表达式注入漏洞(CVE-2017-5638) PoC代码 暂无
CVE-2021-21805: Advantech R-SeeNet 2.4.12 – OS Command Injection
漏洞标题 CVE-2021-21805: Advantech R-SeeNet 2.4.12 - OS Command Injection 漏洞描述 Advantech R-SeeNet 2.4.12 is susceptible to remote OS command execution via the ping.php script f...
CVE-2016-1000152: WordPress Tidio-form <=1.0 - Cross-Site Scripting
漏洞标题 CVE-2016-1000152: WordPress Tidio-form <=1.0 - Cross-Site Scripting 漏洞描述 WordPress tidio-form1.0 contains a reflected cross-site scripting vulnerability which allow...
Atlassian Confluence Data Center and Server CVE-2024-21683 远程代码执行漏洞
漏洞标题 Atlassian Confluence Data Center and Server CVE-2024-21683 远程代码执行漏洞 漏洞描述 Atlassian Confluence Data Center and Server存在远程代码执行漏洞,此漏洞是程序对用户输...
