CVE-2019-9880: WPEngine WPGraphQL 0.2.3 – Unauthenticated User Information Disclosure
漏洞标题 CVE-2019-9880: WPEngine WPGraphQL 0.2.3 - Unauthenticated User Information Disclosure 漏洞描述 An issue was discovered in the WPGraphQL 0.2.3 plugin for WordPress. By quer...
CVE-2024-57046: Netgear DGN2200 – Improper Authentication
漏洞标题 CVE-2024-57046: Netgear DGN2200 - Improper Authentication 漏洞描述 A vulnerability in the Netgear DGN2200 router with firmware version v1.0.0.46 and earlier permits unauth...
CVE-2022-24900: Piano LED Visualizer 1.3 – Local File Inclusion
漏洞标题 CVE-2022-24900: Piano LED Visualizer 1.3 - Local File Inclusion 漏洞描述 Piano LED Visualizer 1.3 and prior are vulnerable to local file inclusion. PoC代码
CVE-2022-43140: kkFileView 4.1.0 – Server-Side Request Forgery
漏洞标题 CVE-2022-43140: kkFileView 4.1.0 - Server-Side Request Forgery 漏洞描述 kkFileView 4.1.0 is susceptible to server-side request forgery via the component cn.keking.web.cont...
CVE-2020-36708: WordPress Epsilon Framework Themes <=2.4.8 - Remote Code Execution
漏洞标题 CVE-2020-36708: WordPress Epsilon Framework Themes <=2.4.8 - Remote Code Execution 漏洞描述 WordPress themes including Shapely <= 1.2.7, NewsMag <= 2.4.1, Activel...
Appwrite <=1.2.1存在ssrf漏洞(CVE-2023-27159)
漏洞标题 Appwrite <=1.2.1存在ssrf漏洞(CVE-2023-27159) 漏洞描述 Appwrite是一个基于Docker的端到端开发者平台,该系统洞有一个服务器端请求伪造 (SSRF) 漏洞 PoC代码 暂无
CVE-2024-4340: sqlparse – Denial of Service
漏洞标题 CVE-2024-4340: sqlparse - Denial of Service 漏洞描述 Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError. PoC代码
CVE-2023-44813: mooSocial v.3.1.8 – Cross-Site Scripting
漏洞标题 CVE-2023-44813: mooSocial v.3.1.8 - Cross-Site Scripting 漏洞描述 Cross-Site Scripting (XSS) vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute arbitra...
CVE-2022-2627: WordPress Newspaper < 12 - Cross-Site Scripting
漏洞标题 CVE-2022-2627: WordPress Newspaper < 12 - Cross-Site Scripting 漏洞描述 WordPress Newspaper theme before 12 is susceptible to cross-site scripting. The does not sanitiz...
CVE-2021-24406: WordPress wpForo Forum < 1.9.7 - Open Redirect
漏洞标题 CVE-2021-24406: WordPress wpForo Forum < 1.9.7 - Open Redirect 漏洞描述 WordPress wpForo Forum < 1.9.7 is susceptible to an open redirect vulnerability because the p...
CVE-2021-21800: Advantech R-SeeNet 2.4.12 – Cross-Site Scripting
漏洞标题 CVE-2021-21800: Advantech R-SeeNet 2.4.12 - Cross-Site Scripting 漏洞描述 Advantech R-SeeNet 2.4.12 contains a reflected cross-site scripting vulnerability in the ssh_form...
CVE-2025-41243: Spring Cloud Gateway Server Webflux – Broken Access Control
漏洞标题 CVE-2025-41243: Spring Cloud Gateway Server Webflux - Broken Access Control 漏洞描述 Spring Cloud Gateway Server Webflux contains a vulnerability caused by unsecured and e...
CVE-2022-1768: WordPress RSVPMaker <=9.3.2 - SQL Injection
漏洞标题 CVE-2022-1768: WordPress RSVPMaker <=9.3.2 - SQL Injection 漏洞描述 WordPress RSVPMaker plugin through 9.3.2 contains a SQL injection vulnerability due to insufficient ...
CVE-2023-6875: WordPress POST SMTP Mailer <= 2.8.7 - Authorization Bypass
漏洞标题 CVE-2023-6875: WordPress POST SMTP Mailer <= 2.8.7 - Authorization Bypass 漏洞描述 The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP ...
CVE-2020-27615: WordPress Loginizer < 1.6.4 – Unauthenticated SQL Injection via `log` Parameter
漏洞标题 CVE-2020-27615: WordPress Loginizer < 1.6.4 – Unauthenticated SQL Injection via `log` Parameter 漏洞描述 The Loginizer plugin before 1.6.4 for WordPress allows SQL inj...
CVE-2024-21887: Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) – Command Injection
漏洞标题 CVE-2024-21887: Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) - Command Injection 漏洞描述 A command injection vulnerability in web components of ...
