Atlassian Confluence /json/setup-restore.action 文件上传漏洞(CVE-2023-22518)
漏洞标题 Atlassian Confluence /json/setup-restore.action 文件上传漏洞(CVE-2023-22518) 漏洞描述 Atlassian Confluence是一款企业知识管理与协作软件。该漏洞存在于Atlassian Confluence...
CVE-2020-3952: VMware vCenter Server LDAP Broken Access Control
漏洞标题 CVE-2020-3952: VMware vCenter Server LDAP Broken Access Control 漏洞描述 Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or e...
CVE-2023-37599: Issabel PBX 4.0.0-6 – Directory Listing
漏洞标题 CVE-2023-37599: Issabel PBX 4.0.0-6 - Directory Listing 漏洞描述 An issue in issabel-pbx v.4.0.0-6 allows a remote attacker to obtain sensitive information via the modules...
CVE-2023-3710: Honeywell PM43 Printers – Command Injection
漏洞标题 CVE-2023-3710: Honeywell PM43 Printers - Command Injection 漏洞描述 Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) all...
CVE-2023-0777: modoboa 2.0.4 – Admin TakeOver
漏洞标题 CVE-2023-0777: modoboa 2.0.4 - Admin TakeOver 漏洞描述 Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4. PoC代码
CVE-2024-48455: Netis Wifi Router – Information Disclosure
漏洞标题 CVE-2024-48455: Netis Wifi Router - Information Disclosure 漏洞描述 An issue in Netis Wifi6 Router NX10 2.0.1.3643 and 2.0.1.3582 and Netis Wifi 11AC Router NC65 3.0.0.374...
CVE-2022-0765: WordPress Loco Translate < 2.6.1 - Cross-Site Scripting
漏洞标题 CVE-2022-0765: WordPress Loco Translate < 2.6.1 - Cross-Site Scripting 漏洞描述 Loco Translate WordPress plugin before 2.6.1 contains a stored cross-site scripting vuln...
CVE-2020-26948: Emby < 4.5.0 - Server Server-Side Request Forgery
漏洞标题 CVE-2020-26948: Emby < 4.5.0 - Server Server-Side Request Forgery 漏洞描述 Emby Server before 4.5.0 allows server-side request forgery (SSRF) via the Items/RemoteSearch...
CVE-2008-1061: WordPress Sniplets <=1.2.2 - Cross-Site Scripting
漏洞标题 CVE-2008-1061: WordPress Sniplets <=1.2.2 - Cross-Site Scripting 漏洞描述 WordPress Sniplets 1.1.2 and 1.2.2 plugin contains a cross-site scripting vulnerability which ...
CVE-2018-8823: PrestaShop Responsive Mega Menu Module – Remote Code Execution
漏洞标题 CVE-2018-8823: PrestaShop Responsive Mega Menu Module - Remote Code Execution 漏洞描述 The 'Responsive Mega Menu' module for PrestaShop is prone to a remote code...
CVE-2023-0942: WordPress Japanized for WooCommerce <2.5.5 - Cross-Site Scripting
漏洞标题 CVE-2023-0942: WordPress Japanized for WooCommerce <2.5.5 - Cross-Site Scripting 漏洞描述 WordPress Japanized for WooCommerce plugin before 2.5.5 is susceptible to cros...
CVE-2020-5412: Spring Cloud Netflix – Server-Side Request Forgery
漏洞标题 CVE-2020-5412: Spring Cloud Netflix - Server-Side Request Forgery 漏洞描述 Spring Cloud Netflix 2.2.x prior to 2.2.4, 2.1.x prior to 2.1.6, and older unsupported versions ...
CVE-2020-35338: Wireless Multiplex Terminal Playout Server <=20.2.8 - Default Credential Detection
漏洞标题 CVE-2020-35338: Wireless Multiplex Terminal Playout Server <=20.2.8 - Default Credential Detection 漏洞描述 Wireless Multiplex Terminal Playout Server <=20.2.8 has a...
Apache Flink 文件读取(CVE-2020-17519)
漏洞标题 Apache Flink 文件读取(CVE-2020-17519) 漏洞描述 【漏洞对象】Apache Flink 【涉及版本】Flink部分版本(1.11.0, 1.11.1, 1.11.2) \【漏洞描述】ApacheFlink是一个开源的流处理框架...
CVE-2022-1910: WordPress Shortcodes and Extra Features for Phlox <2.9.8 - Cross-Site Scripting
漏洞标题 CVE-2022-1910: WordPress Shortcodes and Extra Features for Phlox <2.9.8 - Cross-Site Scripting 漏洞描述 WordPress Shortcodes and extra features plugin for the Phlox the...
CVE-2021-21402: Jellyfin prior to 10.7.0 Unauthenticated Arbitrary File Read
漏洞标题 CVE-2021-21402: Jellyfin prior to 10.7.0 Unauthenticated Arbitrary File Read 漏洞描述 Jellyfin is a Free Software Media System. In Jellyfin before version 10.7.1, with cer...
