CVE-2023-4521: Import XML and RSS Feeds < 2.1.5 - Unauthenticated RCE
漏洞标题 CVE-2023-4521: Import XML and RSS Feeds < 2.1.5 - Unauthenticated RCE 漏洞描述 The Import XML and RSS Feeds WordPress plugin before 2.1.5 allows unauthenticated attacke...
CVE-2015-1880: Fortinet FortiOS <=5.2.3 - Cross-Site Scripting
漏洞标题 CVE-2015-1880: Fortinet FortiOS <=5.2.3 - Cross-Site Scripting 漏洞描述 Fortinet FortiOS 5.2.x before 5.2.3 contains a cross-site scripting vulnerability in the SSL VPN...
CVE-2021-3223: Node RED Dashboard – Directory Traversal
漏洞标题 CVE-2021-3223: Node RED Dashboard - Directory Traversal 漏洞描述 Node-RED-Dashboard before 2.26.2 allows ui_base/js/..%2f directory traversal to read files. PoC代码
CVE-2010-1345: Joomla! Component Cookex Agency CKForms – Local File Inclusion
漏洞标题 CVE-2010-1345: Joomla! Component Cookex Agency CKForms - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the Cookex Agency CKForms (com_ckforms) compo...
CVE-2012-0394: Apache Struts <2.3.1.1 - Remote Code Execution
漏洞标题 CVE-2012-0394: Apache Struts <2.3.1.1 - Remote Code Execution 漏洞描述 Apache Struts before 2.3.1.1 is susceptible to remote code execution. When developer mode is used...
CVE-2019-18394: Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery
漏洞标题 CVE-2019-18394: Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery 漏洞描述 Ignite Realtime Openfire through version 4.4.2 allows attackers to send arbitrar...
CVE-2019-11886: Yellow Pencil Visual Theme Customizer < 7.2.1 - Privilege Escalation
漏洞标题 CVE-2019-11886: Yellow Pencil Visual Theme Customizer < 7.2.1 - Privilege Escalation 漏洞描述 The WaspThemes Visual CSS Style Editor (aka yellow-pencil-visual-theme-cus...
Apache Struts2(S2-061)远程代码执行漏洞(CVE-2020-17530)
漏洞标题 Apache Struts2(S2-061)远程代码执行漏洞(CVE-2020-17530) 漏洞描述 Apache Struts2框架是一个用于开发Java EE网络应用程序的Web框架。Struts2 会对某些标签属性(比如 id,其他属性有...
CVE-2017-12794: Django Debug Page – Cross-Site Scripting
漏洞标题 CVE-2017-12794: Django Debug Page - Cross-Site Scripting 漏洞描述 Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5 has HTML autoescaping disabled in a portion of the t...
CVE-2024-36401: GeoServer RCE in Evaluating Property Name Expressions
漏洞标题 CVE-2024-36401: GeoServer RCE in Evaluating Property Name Expressions 漏洞描述 In the GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer, multiple OGC reque...
CirCarLifeScada停车场自动化管理系统log-信息泄漏(CVE-2018-12634)
漏洞标题 CirCarLifeScada停车场自动化管理系统log-信息泄漏(CVE-2018-12634) 漏洞描述 【漏洞对象】Circontrol CirCarLife Scada 【漏洞描述】 Circontrol CirCarLifeScada是西班牙Circontrol...
CVE-2019-16469: Adobe Experience Manager – Expression Language Injection
漏洞标题 CVE-2019-16469: Adobe Experience Manager - Expression Language Injection 漏洞描述 Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 has an expression lang...
CVE-2021-24169: WordPress Advanced Order Export For WooCommerce <3.1.8 - Authenticated Cross-Site Scripting
漏洞标题 CVE-2021-24169: WordPress Advanced Order Export For WooCommerce <3.1.8 - Authenticated Cross-Site Scripting 漏洞描述 WordPress Advanced Order Export For WooCommerce plu...
CVE-2022-43017: OpenCATS 0.9.6 – Cross-Site Scripting
漏洞标题 CVE-2022-43017: OpenCATS 0.9.6 - Cross-Site Scripting 漏洞描述 OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the indexFile component. An attacker can in...
CirCarLifeScada停车场自动化管理系统repository-信息泄漏(CVE-2018-16668)
漏洞标题 CirCarLifeScada停车场自动化管理系统repository-信息泄漏(CVE-2018-16668) 漏洞描述 【漏洞对象】Circontrol CirCarLife Scada 【漏洞描述】 Circontrol CirCarLifeScada是西班牙Circ...
CVE-2019-5128: YouPHPTube Encoder – Arbitrary File Write
漏洞标题 CVE-2019-5128: YouPHPTube Encoder - Arbitrary File Write 漏洞描述 Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing enc...
