云记
CVE-2020-8772: WordPress InfiniteWP <1.9.4.5 - Authorization Bypass
漏洞标题 CVE-2020-8772: WordPress InfiniteWP <1.9.4.5 - Authorization Bypass 漏洞描述 WordPress InfiniteWP plugin before 1.9.4.5 for WordPress contains an authorization bypass v...
CVE-2023-30210: OURPHP <= 7.2.0 - Cross Site Scripting
漏洞标题 CVE-2023-30210: OURPHP <= 7.2.0 - Cross Site Scripting 漏洞描述 OURPHP <= 7.2.0 is vulnerable to Cross Site Scripting (XSS) via /client/manage/ourphp_tz.php. PoC代码
CVE-2024-32238: H3C ER8300G2-X – Password Disclosure
漏洞标题 CVE-2024-32238: H3C ER8300G2-X - Password Disclosure 漏洞描述 H3C ER8300G2-X is vulnerable to Incorrect Access Control. The password for the router's management syste...
CVE-2022-0150: WordPress Accessibility Helper <0.6.0.7 - Cross-Site Scripting
漏洞标题 CVE-2022-0150: WordPress Accessibility Helper <0.6.0.7 - Cross-Site Scripting 漏洞描述 WordPress Accessibility Helper plugin before 0.6.0.7 contains a cross-site script...
CVE-2022-1946: WordPress Gallery <2.0.0 - Cross-Site Scripting
漏洞标题 CVE-2022-1946: WordPress Gallery <2.0.0 - Cross-Site Scripting 漏洞描述 WordPress Gallery plugin before 2.0.0 contains a reflected cross-site scripting vulnerability. I...
CVE-2021-44848: Thinfinity VirtualUI User Enumeration
漏洞标题 CVE-2021-44848: Thinfinity VirtualUI User Enumeration 漏洞描述 Thinfinity VirtualUI (before v3.0), /changePassword returns different responses for requests depending on wh...
CVE-2023-4490: WordPress Job Portal < 2.0.6 - SQL Injection
漏洞标题 CVE-2023-4490: WordPress Job Portal < 2.0.6 - SQL Injection 漏洞描述 The WP Job Portal WordPress plugin before 2.0.6 does not sanitise and escape the city parameter bef...
CVE-2022-32771: WWBN AVideo 11.6 – Cross-Site Scripting
漏洞标题 CVE-2022-32771: WWBN AVideo 11.6 - Cross-Site Scripting 漏洞描述 WWBN AVideo 11.6 contains a cross-site scripting vulnerability in the footer alerts functionality via the ...
CVE-2021-24875: WordPress eCommerce Product Catalog <3.0.39 - Cross-Site Scripting
漏洞标题 CVE-2021-24875: WordPress eCommerce Product Catalog <3.0.39 - Cross-Site Scripting 漏洞描述 WordPress eCommerce Product Catalog plugin before 3.0.39 contains a cross-si...
CVE-2021-37415: Zoho ManageEngine ServiceDesk Plus – Authentication Bypass
漏洞标题 CVE-2021-37415: Zoho ManageEngine ServiceDesk Plus - Authentication Bypass 漏洞描述 Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass ...
CVE-2023-48777: WordPress Elementor 3.18.1 – File Upload/Remote Code Execution
漏洞标题 CVE-2023-48777: WordPress Elementor 3.18.1 - File Upload/Remote Code Execution 漏洞描述 The plugin is vulnerable to Remote Code Execution via file upload via the template ...
CVE-2015-3224: Ruby on Rails Web Console – Remote Code Execution
漏洞标题 CVE-2015-3224: Ruby on Rails Web Console - Remote Code Execution 漏洞描述 Ruby on Rails Web Console before 2.1.3, as used with Ruby on Rails 3.x and 4.x, does not properly...
CVE-2019-14470: WordPress UserPro 4.9.32 – Cross-Site Scripting
漏洞标题 CVE-2019-14470: WordPress UserPro 4.9.32 - Cross-Site Scripting 漏洞描述 WordPress UserPro 4.9.32 is vulnerable to reflected cross-site scripting because the Instagram PHP...
CVE-2024-32640: Mura/Masa CMS – SQL Injection
漏洞标题 CVE-2024-32640: Mura/Masa CMS - SQL Injection 漏洞描述 The Mura/Masa CMS is vulnerable to SQL Injection. PoC代码
CVE-2021-24245: WordPress Stop Spammers <2021.9 - Cross-Site Scripting
漏洞标题 CVE-2021-24245: WordPress Stop Spammers <2021.9 - Cross-Site Scripting 漏洞描述 WordPress Stop Spammers plugin before 2021.9 contains a reflected cross-site scripting v...
CVE-2021-24997: WordPress Guppy <=1.1 - Information Disclosure
漏洞标题 CVE-2021-24997: WordPress Guppy <=1.1 - Information Disclosure 漏洞描述 WordPress Guppy plugin through 1.1 is susceptible to an API disclosure vulnerability. This can a...
