CVE-2023-2518: WordPress Easy Forms for Mailchimp Plugin < 6.8.9 - Cross-Site Scripting
漏洞标题 CVE-2023-2518: WordPress Easy Forms for Mailchimp Plugin < 6.8.9 - Cross-Site Scripting 漏洞描述 The Easy Forms for Mailchimp plugin before version 6.8.9 contains a ref...
Apache Pinot存在认证绕过漏洞(CVE-2024-56325)
漏洞标题 Apache Pinot存在认证绕过漏洞(CVE-2024-56325) 漏洞描述 Apache Pinot 1.3 版本以下存在认证绕过漏洞,攻击者可构造恶意请求绕过相关权限认证,调用相关后台功能,造成敏感信息泄漏...
CVE-2018-10736: Nagios XI SQL Inject
漏洞标题 CVE-2018-10736: Nagios XI SQL Inject 漏洞描述 Nagios XI SQL Inject PoC代码
CVE-2018-12613: PhpMyAdmin 4.8.1 Remote File Inclusion
漏洞标题 CVE-2018-12613: PhpMyAdmin 4.8.1 Remote File Inclusion 漏洞描述 An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potent...
CVE-2024-22024: Ivanti Connect Secure – XXE
漏洞标题 CVE-2024-22024: Ivanti Connect Secure - XXE 漏洞描述 Ivanti Connect Secure is vulnerable to XXE (XML External Entity) injection. PoC代码
CVE-2021-44529: Ivanti EPM Cloud Services Appliance Code Injection
漏洞标题 CVE-2021-44529: Ivanti EPM Cloud Services Appliance Code Injection 漏洞描述 Ivanti EPM Cloud Services Appliance (CSA) before version 4.6.0-512 is susceptible to a code inj...
CVE-2018-1000130: Jolokia Agent – JNDI Code Injection
漏洞标题 CVE-2018-1000130: Jolokia Agent - JNDI Code Injection 漏洞描述 Jolokia agent is vulnerable to a JNDI injection vulnerability that allows a remote attacker to run arbitrary...
CVE-2025-53624: Docusaurus Gists Plugin < 4.0.0 - GitHub Personal Access Token Exposure
漏洞标题 CVE-2025-53624: Docusaurus Gists Plugin < 4.0.0 - GitHub Personal Access Token Exposure 漏洞描述 The Docusaurus gists plugin adds a page to your Docusaurus instance, di...
Commvault /commandcenter/publicLink.do 权限绕过漏洞(CVE-2025-57788)
漏洞标题 Commvault /commandcenter/publicLink.do 权限绕过漏洞(CVE-2025-57788) 漏洞描述 Commvault-WebServer是Commvault公司推出的一款网络服务器软件。该软件具有高效、安全、稳定的特点...
CVE-2021-24370: WordPress Fancy Product Designer <4.6.9 - Arbitrary File Upload
漏洞标题 CVE-2021-24370: WordPress Fancy Product Designer <4.6.9 - Arbitrary File Upload 漏洞描述 WordPress Fancy Product Designer plugin before 4.6.9 is susceptible to an arbit...
CVE-2022-29009: Cyber Cafe Management System 1.0 – SQL Injection
漏洞标题 CVE-2022-29009: Cyber Cafe Management System 1.0 - SQL Injection 漏洞描述 Cyber Cafe Management System 1.0 contains multiple SQL injection vulnerabilities via the username...
CVE-2021-27877: Veritas Backup Exec – Broken Authentication
漏洞标题 CVE-2021-27877: Veritas Backup Exec - Broken Authentication 漏洞描述 An issue was discovered in Veritas Backup Exec before 21.2. It supports multiple authentication scheme...
CVE-2022-34094: Software Publico Brasileiro i3geo v7.0.5 – Cross-Site Scripting
漏洞标题 CVE-2022-34094: Software Publico Brasileiro i3geo v7.0.5 - Cross-Site Scripting 漏洞描述 Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cro...
CVE-2018-8719: WordPress WP Security Audit Log 3.1.1 – Information Disclosure
漏洞标题 CVE-2018-8719: WordPress WP Security Audit Log 3.1.1 - Information Disclosure 漏洞描述 WordPress WP Security Audit Log 3.1.1 plugin is susceptible to information disclosur...
CVE-2019-11510: Pulse Connect Secure SSL VPN Arbitrary File Read
漏洞标题 CVE-2019-11510: Pulse Connect Secure SSL VPN Arbitrary File Read 漏洞描述 Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9...
CVE-2021-24991: WooCommerce PDF Invoices & Packing Slips WordPress Plugin < 2.10.5 - Cross-Site Scripting
漏洞标题 CVE-2021-24991: WooCommerce PDF Invoices & Packing Slips WordPress Plugin < 2.10.5 - Cross-Site Scripting 漏洞描述 The Wordpress plugin WooCommerce PDF Invoices &am...
