CVE-2017-9805: Apache Struts2 S2-052 – Remote Code Execution
漏洞标题 CVE-2017-9805: Apache Struts2 S2-052 - Remote Code Execution 漏洞描述 The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XS...
CVE-2024-21644: pyLoad Flask Config – Access Control
漏洞标题 CVE-2024-21644: pyLoad Flask Config - Access Control 漏洞描述 pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can brow...
CVE-2023-52251: Kafka UI 0.7.1 Command Injection
漏洞标题 CVE-2023-52251: Kafka UI 0.7.1 Command Injection 漏洞描述 An issue discovered in provectus kafka-ui 0.4.0 through 0.7.1 allows remote attackers to execute arbitrary code v...
CVE-2018-16836: Rubedo CMS <=3.4.0 - Directory Traversal
漏洞标题 CVE-2018-16836: Rubedo CMS <=3.4.0 - Directory Traversal 漏洞描述 Rubedo CMS through 3.4.0 contains a directory traversal vulnerability in the theme component, allowing...
Apache OFBiz StatsSinceStart 远程代码执行漏洞(CVE-2024-45507)
漏洞标题 Apache OFBiz StatsSinceStart 远程代码执行漏洞(CVE-2024-45507) 漏洞描述 Apache OFBiz 18.12.16 之前的版本在 Linux 和 Windows 系统上存在未经身份验证的远程代码执行漏洞。 PoC...
CVE-2025-44177: White Star Software ProTop – Directory Traversal
漏洞标题 CVE-2025-44177: White Star Software ProTop - Directory Traversal 漏洞描述 A directory traversal vulnerability was discovered in White Star Software Protop version 4.4.2-20...
CVE-2023-0552: WordPress Pie Register <3.8.2.3 - Open Redirect
漏洞标题 CVE-2023-0552: WordPress Pie Register <3.8.2.3 - Open Redirect 漏洞描述 WordPress Pie Register plugin before 3.8.2.3 contains an open redirect vulnerability. The plugin...
CVE-2023-29204: XWiki – Open Redirect
漏洞标题 CVE-2023-29204: XWiki - Open Redirect 漏洞描述 XWiki Commons are technical libraries common to several other top level XWiki projects. It is possible to bypass the existin...
CVE-2019-0230: Apache Struts <=2.5.20 - Remote Code Execution S2-059
漏洞标题 CVE-2019-0230: Apache Struts <=2.5.20 - Remote Code Execution S2-059 漏洞描述 Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation when evaluated on raw user inp...
CVE-2021-33544: Geutebruck – Remote Command Injection
漏洞标题 CVE-2021-33544: Geutebruck - Remote Command Injection 漏洞描述 Geutebruck is susceptible to multiple vulnerabilities its web-based management interface that could allow an...
CVE-2024-53704: SSL VPN Session Hijacking
漏洞标题 CVE-2024-53704: SSL VPN Session Hijacking 漏洞描述 An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authe...
CVE-2021-25055: WordPress FeedWordPress < 2022.0123 - Authenticated Cross-Site Scripting
漏洞标题 CVE-2021-25055: WordPress FeedWordPress < 2022.0123 - Authenticated Cross-Site Scripting 漏洞描述 The plugin is affected by a cross-site scripting vulnerability within ...
CVE-2021-20124: Draytek VigorConnect 6.0-B3 – Local File Inclusion
漏洞标题 CVE-2021-20124: Draytek VigorConnect 6.0-B3 - Local File Inclusion 漏洞描述 Draytek VigorConnect 1.6.0-B3 is susceptible to local file inclusion in the file download funct...
CVE-2018-10201: Ncomputing vSPace Pro 10 and 11 – Directory Traversal
漏洞标题 CVE-2018-10201: Ncomputing vSPace Pro 10 and 11 - Directory Traversal 漏洞描述 Ncomputing vSpace Pro versions 10 and 11 suffer from a directory traversal vulnerability. Po...
Apache Tomcat SSI printenv CVE-2019-0221 跨站脚本漏洞
漏洞标题 Apache Tomcat SSI printenv CVE-2019-0221 跨站脚本漏洞 漏洞描述 Apache Tomcat SSI printenv command存在跨站脚本漏洞,此漏洞是由于应用程序对用户输入没有进行充分校验导致的。 P...
印尼央行确认遭受勒索软件攻击
1月20日,印度尼西亚共和国中央银行——印度尼西亚银行(BANK INDONESIA)通信部执行主任Erwin Haryono证实,银行于上个月遭受了勒索软件攻击。中央银行有着管理货币部门、维持支付系统和金融系...
