CVE-2022-4059: Cryptocurrency Widgets Pack < 2.0 - SQL Injection
漏洞标题 CVE-2022-4059: Cryptocurrency Widgets Pack < 2.0 - SQL Injection 漏洞描述 The plugin does not sanitise and escape some parameter before using it in a SQL statement via ...
CVE-2022-45354: Download Monitor <= 4.7.60 - Sensitive Information Exposure
漏洞标题 CVE-2022-45354: Download Monitor <= 4.7.60 - Sensitive Information Exposure 漏洞描述 The Download Monitor plugin for WordPress is vulnerable to Sensitive Information Ex...
CVE-2022-32015: Complete Online Job Search System 1.0 – SQL Injection
漏洞标题 CVE-2022-32015: Complete Online Job Search System 1.0 - SQL Injection 漏洞描述 Complete Online Job Search System 1.0 contains a SQL injection vulnerability via /eris/index...
spring4shell-CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+
漏洞标题 spring4shell-CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+ 漏洞描述 A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to rem...
CVE-2022-43018: OpenCATS 0.9.6 – Cross-Site Scripting
漏洞标题 CVE-2022-43018: OpenCATS 0.9.6 - Cross-Site Scripting 漏洞描述 OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the email parameter in the Check Email func...
CVE-2022-2314: WordPress VR Calendar <=2.3.2 - Remote Code Execution
漏洞标题 CVE-2022-2314: WordPress VR Calendar <=2.3.2 - Remote Code Execution 漏洞描述 WordPress VR Calendar plugin through 2.3.2 is susceptible to remote code execution. The pl...
CVE-2022-3477: WordPress tagDiv Composer < 3.5 - Authentication Bypass
漏洞标题 CVE-2022-3477: WordPress tagDiv Composer < 3.5 - Authentication Bypass 漏洞描述 The tagDiv Composer WordPress plugin before 3.5, required by the Newspaper WordPress the...
CVE-2022-0968: Microweber <1.2.12 - Integer Overflow
漏洞标题 CVE-2022-0968: Microweber <1.2.12 - Integer Overflow 漏洞描述 Microweber before 1.2.12 is susceptible to integer overflow. The application allows large characters to in...
CVE-2022-31181: PrestaShop – SQL Injection to Eval Injection
漏洞标题 CVE-2022-31181: PrestaShop - SQL Injection to Eval Injection 漏洞描述 PrestaShop versions from 1.6.0.10 and before 1.7.8.7 contain an SQL injection caused by unsanitized u...
CVE-2022-31137: Roxy-Wi options.py 远程命令执行漏洞
漏洞标题 CVE-2022-31137: Roxy-Wi options.py 远程命令执行漏洞 漏洞描述 Roxy-Wi options.py 存在远程命令执行漏洞,攻击者通过漏洞可以执行命令获取服务器权限 app="HAProxy-WI" P...
CVE-2022-34267: RWS WorldServer – Authentication Bypass
漏洞标题 CVE-2022-34267: RWS WorldServer - Authentication Bypass 漏洞描述 An issue was discovered in RWS WorldServer before 11.7.3. Adding a token parameter with the value of 02 by...
CVE-2022-0594: WordPress Shareaholic <9.7.6 - Information Disclosure
漏洞标题 CVE-2022-0594: WordPress Shareaholic <9.7.6 - Information Disclosure 漏洞描述 WordPress Shareaholic plugin prior to 9.7.6 is susceptible to information disclosure. The ...
CVE-2022-22963: Spring Cloud – Remote Code Execution
漏洞标题 CVE-2022-22963: Spring Cloud - Remote Code Execution 漏洞描述 Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions are susceptible to remote code exe...
CVE-2022-2168: WordPress Download Manager < 3.2.44 - Authenticated Cross-Site Scripting
漏洞标题 CVE-2022-2168: WordPress Download Manager < 3.2.44 - Authenticated Cross-Site Scripting 漏洞描述 The WordPress Download Manager plugin before version 3.2.44 does not pr...
CVE-2022-34047: WAVLINK WN530HG4 – Improper Access Control
漏洞标题 CVE-2022-34047: WAVLINK WN530HG4 - Improper Access Control 漏洞描述 WAVLINK WN530HG4 M30HG4.V5030.191116 is susceptible to improper access control. An attacker can obtain ...
CVE-2022-31847: WAVLINK WN579 X3 M79X3.V5030.180719 – Information Disclosure
漏洞标题 CVE-2022-31847: WAVLINK WN579 X3 M79X3.V5030.180719 - Information Disclosure 漏洞描述 WAVLINK WN579 X3 M79X3.V5030.180719 is susceptible to information disclosure in /cgi-...
