CVE-2019-19824: TOTOLINK Realtek SD Routers – Remote Command Injection
漏洞标题 CVE-2019-19824: TOTOLINK Realtek SD Routers - Remote Command Injection 漏洞描述 TOTOLINK Realtek SDK based routers may allow an authenticated attacker to execute arbitrary...
CVE-2025-54782: NestJS DevTools Integration – Remote Code Execution
漏洞标题 CVE-2025-54782: NestJS DevTools Integration - Remote Code Execution 漏洞描述 Nest is a framework for building scalable Node.js server-side applications. In versions 0.2.0 ...
CVE-2015-2755: WordPress AB Google Map Travel <=3.4 - Stored Cross-Site Scripting
漏洞标题 CVE-2015-2755: WordPress AB Google Map Travel <=3.4 - Stored Cross-Site Scripting 漏洞描述 WordPress AB Google Map Travel plugin through 3.4 contains multiple stored cr...
CVE-2016-10973: Brafton WordPress Plugin < 3.4.8 - Cross-Site Scripting
漏洞标题 CVE-2016-10973: Brafton WordPress Plugin < 3.4.8 - Cross-Site Scripting 漏洞描述 The Brafton plugin before 3.4.8 for WordPress has XSS via the wp-admin/admin.php?page=B...
CVE-2023-1020: Steveas WP Live Chat Shoutbox <= 1.4.2 - SQL Injection
漏洞标题 CVE-2023-1020: Steveas WP Live Chat Shoutbox <= 1.4.2 - SQL Injection 漏洞描述 The Steveas WP Live Chat Shoutbox WordPress plugin through 1.4.2 does not sanitise and es...
CVE-2021-24298: WordPress Simple Giveaways <2.36.2 - Cross-Site Scripting
漏洞标题 CVE-2021-24298: WordPress Simple Giveaways <2.36.2 - Cross-Site Scripting 漏洞描述 WordPress Simple Giveaways plugin before 2.36.2 contains a cross-site scripting vulne...
CVE-2023-3846: MooDating 1.2 – Cross-Site Scripting
漏洞标题 CVE-2023-3846: MooDating 1.2 - Cross-Site Scripting 漏洞描述 A vulnerability classified as problematic has been found in mooSocial mooDating 1.2. This affects an unknown p...
CVE-2008-5587: phpPgAdmin <=4.2.1 - Local File Inclusion
漏洞标题 CVE-2008-5587: phpPgAdmin <=4.2.1 - Local File Inclusion 漏洞描述 phpPgAdmin 4.2.1 is vulnerable to local file inclusion in libraries/lib.inc.php when register globals ...
CVE-2021-44228: Apache Log4j2 Remote Code Injection
漏洞标题 CVE-2021-44228: Apache Log4j2 Remote Code Injection 漏洞描述 Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect aga...
CVE-2017-0929: DotNetNuke (DNN) ImageHandler <9.2.0 - Server-Side Request Forgery
漏洞标题 CVE-2017-0929: DotNetNuke (DNN) ImageHandler <9.2.0 - Server-Side Request Forgery 漏洞描述 DotNetNuke (aka DNN) before 9.2.0 suffers from a server-side request forgery ...
CVE-2019-8086: Adobe Experience Manager – XML External Entity Injection
漏洞标题 CVE-2019-8086: Adobe Experience Manager - XML External Entity Injection 漏洞描述 Adobe Experience Manager 6.5, 6.4, 6.3 and 6.2 are susceptible to XML external entity inje...
CVE-2022-28219: Zoho ManageEngine ADAudit Plus <7600 - XML Entity Injection/Remote Code Execution
漏洞标题 CVE-2022-28219: Zoho ManageEngine ADAudit Plus <7600 - XML Entity Injection/Remote Code Execution 漏洞描述 Zoho ManageEngine ADAudit Plus before version 7060 is vulnera...
CVE-2021-24946: WordPress Modern Events Calendar <6.1.5 - Blind SQL Injection
漏洞标题 CVE-2021-24946: WordPress Modern Events Calendar <6.1.5 - Blind SQL Injection 漏洞描述 WordPress Modern Events Calendar plugin before 6.1.5 is susceptible to blind SQL ...
CVE-2023-27639: PrestaShop TshirteCommerce – Directory Traversal
漏洞标题 CVE-2023-27639: PrestaShop TshirteCommerce - Directory Traversal 漏洞描述 The Custom Product Designer (tshirtecommerce) module for PrestaShop allows HTTP requests to be fo...
CVE-2023-34020: Uncanny Toolkit for LearnDash – Open Redirection
漏洞标题 CVE-2023-34020: Uncanny Toolkit for LearnDash - Open Redirection 漏洞描述 A vulnerability in the WordPress Uncanny Toolkit for LearnDash Plugin allowed malicious actors to...
CVE-2021-41460: ECShop 4.1.0 – SQL Injection
漏洞标题 CVE-2021-41460: ECShop 4.1.0 - SQL Injection 漏洞描述 ECShop 4.1.0 has SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information. Po...
