云记
CVE-2025-47423: Personal Weather Station Dashboard 12 – Directory Traversal
漏洞标题 CVE-2025-47423: Personal Weather Station Dashboard 12 - Directory Traversal 漏洞描述 Personal Weather Station Dashboard 12_lts allows unauthenticated remote attackers to r...
CVE-2025-34291: Langflow AI <= 1.6.9 - CORS Misconfiguration
漏洞标题 CVE-2025-34291: Langflow AI <= 1.6.9 - CORS Misconfiguration 漏洞描述 Langflow AI versions 1.6.9 and earlier are vulnerable to a CORS misconfiguration that allows any o...
CVE-2011-5106: WordPress Plugin Flexible Custom Post Type < 0.1.7 - Cross-Site Scripting
漏洞标题 CVE-2011-5106: WordPress Plugin Flexible Custom Post Type < 0.1.7 - Cross-Site Scripting 漏洞描述 A cross-site scripting vulnerability in edit-post.php in the Flexible ...
CVE-2018-20463: WordPress JSmol2WP <=1.07 - Local File Inclusion
漏洞标题 CVE-2018-20463: WordPress JSmol2WP <=1.07 - Local File Inclusion 漏洞描述 WordPress JSmol2WP plugin 1.07 is susceptible to local file inclusion via ../ directory traver...
CVE-2020-26248: PrestaShop Product Comments <4.2.0 - SQL Injection
漏洞标题 CVE-2020-26248: PrestaShop Product Comments <4.2.0 - SQL Injection 漏洞描述 PrestaShop Product Comments module before version 4.2.1 contains a SQL injection vulnerabili...
CVE-2022-1162: GitLab CE/EE – Hard-Coded Credentials
漏洞标题 CVE-2022-1162: GitLab CE/EE - Hard-Coded Credentials 漏洞描述 GitLab CE/EE contains a hard-coded credentials vulnerability. A hardcoded password was set for accounts regis...
CVE-2020-7107: WordPress Ultimate FAQ <1.8.30 - Cross-Site Scripting
漏洞标题 CVE-2020-7107: WordPress Ultimate FAQ <1.8.30 - Cross-Site Scripting 漏洞描述 WordPress Ultimate FAQ plugin before 1.8.30 is susceptible to cross-site scripting via Dis...
Amcrest IP Camera Web Sha1Account1 账号密码泄漏漏洞(CVE-2017-8229)
漏洞标题 Amcrest IP Camera Web Sha1Account1 账号密码泄漏漏洞(CVE-2017-8229) 漏洞描述 Amcrest IP Camera Web是Amcrest公司的一款无线IP摄像头,设备允许未经身份验证的攻击者下载管理凭据...
CVE-2020-5902: F5 BIG-IP TMUI – Remote Code Execution
漏洞标题 CVE-2020-5902: F5 BIG-IP TMUI - Remote Code Execution 漏洞描述 F5 BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, ...
CVE-2024-27954: WordPress Automatic Plugin <3.92.1 - Arbitrary File Download and SSRF
漏洞标题 CVE-2024-27954: WordPress Automatic Plugin <3.92.1 - Arbitrary File Download and SSRF 漏洞描述 WordPress Automatic plugin <3.92.1 is vulnerable to unauthenticated Ar...
Apache Struts2(S2-061)远程代码执行漏洞(CVE-2020-17530)
漏洞标题 Apache Struts2(S2-061)远程代码执行漏洞(CVE-2020-17530) 漏洞描述 Apache Struts2框架是一个用于开发Java EE网络应用程序的Web框架。Struts2 会对某些标签属性(比如 id,其他属性有...
CVE-2021-24288: WordPress AcyMailing <7.5.0 - Open Redirect
漏洞标题 CVE-2021-24288: WordPress AcyMailing <7.5.0 - Open Redirect 漏洞描述 WordPress AcyMailing plugin before 7.5.0 contains an open redirect vulnerability due to improper sa...
CVE-2021-21805: Advantech R-SeeNet 2.4.12 – OS Command Injection
漏洞标题 CVE-2021-21805: Advantech R-SeeNet 2.4.12 - OS Command Injection 漏洞描述 Advantech R-SeeNet 2.4.12 is susceptible to remote OS command execution via the ping.php script f...
(CVE-2020-1956) Apache Kylin RESTful API 命令注入漏洞
漏洞标题 (CVE-2020-1956) Apache Kylin RESTful API 命令注入漏洞 漏洞描述 (CVE-2020-1956) Apache Kylin RESTful API 命令注入漏洞 PoC代码 暂无
CVE-2020-11441: phpMyAdmin 5.0.2 – CRLF Injection
漏洞标题 CVE-2020-11441: phpMyAdmin 5.0.2 - CRLF Injection 漏洞描述 phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astring%0D%0A inputs to login form fields causin...
CVE-2022-1007: WordPress Advanced Booking Calendar <1.7.1 - Cross-Site Scripting
漏洞标题 CVE-2022-1007: WordPress Advanced Booking Calendar <1.7.1 - Cross-Site Scripting 漏洞描述 WordPress Advanced Booking Calendar plugin before 1.7.1 contains a cross-site ...
