CVE-2018-12613: PhpMyAdmin 4.8.1 Remote File Inclusion
漏洞标题 CVE-2018-12613: PhpMyAdmin 4.8.1 Remote File Inclusion 漏洞描述 An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potent...
CVE-2024-3300: Delmia Apriso – Pre-Authentication Unsafe .NET Object Deserialization
漏洞标题 CVE-2024-3300: Delmia Apriso - Pre-Authentication Unsafe .NET Object Deserialization 漏洞描述 An unsafe .NET object deserialization vulnerability in DELMIA Apriso Release ...
CVE-2024-4455: YITH WooCommerce Ajax Search <= 2.4.0 - Cross-Site Scripting
漏洞标题 CVE-2024-4455: YITH WooCommerce Ajax Search <= 2.4.0 - Cross-Site Scripting 漏洞描述 The YITH WooCommerce Ajax Search plugin for WordPress is vulnerable to Stored Cross...
CVE-2017-8046: Spring Data Rest RCE
漏洞标题 CVE-2017-8046: Spring Data Rest RCE 漏洞描述 SpringDataREST是一个构建在SpringData之上,为了帮助开发者更加容易地开发REST风格的Web服务。在RESTAPI的Patch方法中(实现RFC6902)...
CVE-2018-19365: Wowza Streaming Engine Manager 4.7.4.01 – Directory Traversal
漏洞标题 CVE-2018-19365: Wowza Streaming Engine Manager 4.7.4.01 - Directory Traversal 漏洞描述 Wowza Streaming Engine 4.7.4.01 allows traversal of the directory structure and retr...
CVE-2022-31268: Gitblit 1.9.3 – Local File Inclusion
漏洞标题 CVE-2022-31268: Gitblit 1.9.3 - Local File Inclusion 漏洞描述 Gitblit 1.9.3 is vulnerable to local file inclusion via /resources//../ (e.g., followed by a WEB-INF or META-...
CVE-2022-4305: Login as User or Customer < 3.3 - Privilege Escalation
漏洞标题 CVE-2022-4305: Login as User or Customer < 3.3 - Privilege Escalation 漏洞描述 The plugin lacks authorization checks to ensure that users are allowed to log in as anoth...
CVE-2012-0392: Apache Struts2 S2-008 RCE
漏洞标题 CVE-2012-0392: Apache Struts2 S2-008 RCE 漏洞描述 The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows r...
CVE-2021-22053: Spring Cloud Netflix Hystrix Dashboard <2.2.10 - Remote Code Execution
漏洞标题 CVE-2021-22053: Spring Cloud Netflix Hystrix Dashboard <2.2.10 - Remote Code Execution 漏洞描述 Spring Cloud Netflix Hystrix Dashboard prior to version 2.2.10 is suscep...
CVE-2020-3187: Cisco Adaptive Security Appliance Software/Cisco Firepower Threat Defense – Directory Traversal
漏洞标题 CVE-2020-3187: Cisco Adaptive Security Appliance Software/Cisco Firepower Threat Defense - Directory Traversal 漏洞描述 Cisco Adaptive Security Appliance (ASA) Software an...
CVE-2023-32315-2: Openfire身份认证绕过漏洞
漏洞标题 CVE-2023-32315-2: Openfire身份认证绕过漏洞 漏洞描述 Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's administrative console, a web...
CVE-2024-8963: Ivanti Cloud Services Appliance – Path Traversal
漏洞标题 CVE-2024-8963: Ivanti Cloud Services Appliance - Path Traversal 漏洞描述 Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to ...
CVE-2023-30150: PrestaShop leocustomajax 1.0 & 1.0.0 – SQL Injection
漏洞标题 CVE-2023-30150: PrestaShop leocustomajax 1.0 & 1.0.0 - SQL Injection 漏洞描述 PrestaShop leocustomajax 1.0 and 1.0.0 are vulnerable to SQL Injection via modules/leocus...
CVE-2017-12149: Jboss Application Server – Remote Code Execution
漏洞标题 CVE-2017-12149: Jboss Application Server - Remote Code Execution 漏洞描述 Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2 is susceptib...
CVE-2022-1768: WordPress RSVPMaker <=9.3.2 - SQL Injection
漏洞标题 CVE-2022-1768: WordPress RSVPMaker <=9.3.2 - SQL Injection 漏洞描述 WordPress RSVPMaker plugin through 9.3.2 contains a SQL injection vulnerability due to insufficient ...
CVE-2021-34429: Eclipse Jetty – Information Disclosure
漏洞标题 CVE-2021-34429: Eclipse Jetty - Information Disclosure 漏洞描述 Eclipse Jetty 9.4.37-9.4.42, 10.0.1-10.0.5 and 11.0.1-11.0.5 are susceptible to improper authorization. URI...
