CVE-2017-9506: Atlassian Jira IconURIServlet – Cross-Site Scripting/Server-Side Request Forgery
漏洞标题 CVE-2017-9506: Atlassian Jira IconURIServlet - Cross-Site Scripting/Server-Side Request Forgery 漏洞描述 The Atlassian Jira IconUriServlet of the OAuth Plugin from version...
CVE-2021-25296: Nagios XI 5.5.6-5.7.5 – Authenticated Remote Command Injection
漏洞标题 CVE-2021-25296: Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection 漏洞描述 Nagios XI 5.5.6 through 5.7.5 is susceptible to authenticated remote command inject...
CVE-2023-0968: WordPress Watu Quiz <3.3.9.1 - Cross-Site Scripting
漏洞标题 CVE-2023-0968: WordPress Watu Quiz <3.3.9.1 - Cross-Site Scripting 漏洞描述 WordPress Watu Quiz plugin before 3.3.9.1 is susceptible to cross-site scripting. The plugin...
CVE-2009-0545: ZeroShell <= 1.0beta11 Remote Code Execution
漏洞标题 CVE-2009-0545: ZeroShell <= 1.0beta11 Remote Code Execution 漏洞描述 ZeroShell 1.0beta11 and earlier via cgi-bin/kerbynet allows remote attackers to execute arbitrary c...
CVE-2024-5522: WordPress HTML5 Video Player < 2.5.27 - SQL Injection
漏洞标题 CVE-2024-5522: WordPress HTML5 Video Player < 2.5.27 - SQL Injection 漏洞描述 The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a param...
CVE-2023-48728: WWBN AVideo 11.6 – Cross-Site Scripting
漏洞标题 CVE-2023-48728: WWBN AVideo 11.6 - Cross-Site Scripting 漏洞描述 A reflected XSS vulnerability exists in the functiongetOpenGraph videoName functionality of WWBN AVideo 11...
CVE-2021-21985: VMware vSphere Client (HTML5) – Remote Code Execution
漏洞标题 CVE-2021-21985: VMware vSphere Client (HTML5) - Remote Code Execution 漏洞描述 The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of inp...
CVE-2022-36804: Atlassian Bitbucket – Remote Command Injection
漏洞标题 CVE-2022-36804: Atlassian Bitbucket - Remote Command Injection 漏洞描述 Atlassian Bitbucket Server and Data Center is susceptible to remote command injection. Multiple API...
CVE-2019-19908: phpMyChat-Plus 1.98 – Cross-Site Scripting
漏洞标题 CVE-2019-19908: phpMyChat-Plus 1.98 - Cross-Site Scripting 漏洞描述 phpMyChat-Plus 1.98 contains a cross-site scripting vulnerability via pmc_username parameter of pass_re...
CVE-2023-30194: Prestashop posstaticfooter <= 1.0.0 - SQL Injection
漏洞标题 CVE-2023-30194: Prestashop posstaticfooter <= 1.0.0 - SQL Injection 漏洞描述 Prestashop posstaticfooter <= 1.0.0 is vulnerable to SQL Injection via posstaticfooter::...
CVE-2025-34045: WeiPHP 5.0 – Path Traversal
漏洞标题 CVE-2025-34045: WeiPHP 5.0 - Path Traversal 漏洞描述 WeiPHP 5.0 contains a path traversal caused by insufficient input validation of the picUrl parameter in /public/index....
CVE-2019-19823: TOTOLINK/Realtek Routers – Information Disclosure
漏洞标题 CVE-2019-19823: TOTOLINK/Realtek Routers - Information Disclosure 漏洞描述 A certain router administration interface using Realtek APMIB (e.g., on TOTOLINK models) allows ...
CVE-2020-15050: Suprema BioStar <2.8.2 - Local File Inclusion
漏洞标题 CVE-2020-15050: Suprema BioStar <2.8.2 - Local File Inclusion 漏洞描述 Suprema BioStar before 2.8.2 Video Extension allows remote attackers can read arbitrary files fro...
CVE-2022-1952: WordPress eaSYNC Booking <1.1.16 - Arbitrary File Upload
漏洞标题 CVE-2022-1952: WordPress eaSYNC Booking <1.1.16 - Arbitrary File Upload 漏洞描述 WordPress eaSync Booking plugin bundle for hotel, restaurant and car rental before 1.1....
CVE-2022-2314: WordPress VR Calendar <=2.3.2 - Remote Code Execution
漏洞标题 CVE-2022-2314: WordPress VR Calendar <=2.3.2 - Remote Code Execution 漏洞描述 WordPress VR Calendar plugin through 2.3.2 is susceptible to remote code execution. The pl...
CVE-2017-1000028: GlassFish LFI
漏洞标题 CVE-2017-1000028: GlassFish LFI 漏洞描述 GlassFish是一款强健的商业兼容应用服务器,达到产品级质量,可免费用于开发、部署和重新分发。开发者可以免费获得源代码,还可以对代码进...
