Apache OFBiz CVE-2024-38856 未授权代码执行漏洞
漏洞标题 Apache OFBiz CVE-2024-38856 未授权代码执行漏洞 漏洞描述 Apache OFBiz存在未授权代码执行漏洞,该漏洞是由于ProgramExport接口对用户的权限校验不当导致的。 PoC代码 暂无
CVE-2020-13483: Bitrix24 <=20.0.0 - Cross-Site Scripting
漏洞标题 CVE-2020-13483: Bitrix24 <=20.0.0 - Cross-Site Scripting 漏洞描述 The Web Application Firewall in Bitrix24 up to and including 20.0.0 allows XSS via the items[ITEMS][ID...
CVE-2022-4117: WordPress IWS Geo Form Fields <=1.0 - SQL Injection
漏洞标题 CVE-2022-4117: WordPress IWS Geo Form Fields <=1.0 - SQL Injection 漏洞描述 WordPress IWS Geo Form Fields plugin through 1.0 contains a SQL injection vulnerability. The...
CVE-2024-9047: WordPress File Upload <= 4.24.11 - Arbitrary File Read
漏洞标题 CVE-2024-9047: WordPress File Upload <= 4.24.11 - Arbitrary File Read 漏洞描述 The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all ver...
CVE-2024-28397: pyload-ng js2py – Remote Code Execution
漏洞标题 CVE-2024-28397: pyload-ng js2py - Remote Code Execution 漏洞描述 An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitr...
Apache OFBiz /viewdatafile 代码执行漏洞(CVE-2024-45195)
漏洞标题 Apache OFBiz /viewdatafile 代码执行漏洞(CVE-2024-45195) 漏洞描述 Apache OFBiz是一个开源企业资源规划(ERP)系统。它提供了一套企业应用程序,集成并自动化企业的许多业务流程...
CVE-2019-20210: WordPress CTHthemes – Cross-Site Scripting
漏洞标题 CVE-2019-20210: WordPress CTHthemes - Cross-Site Scripting 漏洞描述 WordPress CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes conta...
CVE-2021-35250: SolarWinds Serv-U 15.3 – Directory Traversal
漏洞标题 CVE-2021-35250: SolarWinds Serv-U 15.3 - Directory Traversal 漏洞描述 SolarWinds Serv-U 15.3 is susceptible to local file inclusion, which may allow an attacker access to ...
CVE-2021-25075: WordPress Duplicate Page or Post <1.5.1 - Cross-Site Scripting
漏洞标题 CVE-2021-25075: WordPress Duplicate Page or Post <1.5.1 - Cross-Site Scripting 漏洞描述 WordPress Duplicate Page or Post plugin before 1.5.1 contains a stored cross-sit...
CVE-2020-10148: SolarWinds Orion API – Auth Bypass
漏洞标题 CVE-2020-10148: SolarWinds Orion API - Auth Bypass 漏洞描述 SolarWinds Orion API is vulnerable to an authentication bypass vulnerability that could allow a remote attacker...
CVE-2018-18809: TIBCO JasperReports Library – Directory Traversal
漏洞标题 CVE-2018-18809: TIBCO JasperReports Library - Directory Traversal 漏洞描述 The default server implementation of TIBCO Software Inc.'s TIBCO JasperReports Library, TIB...
CVE-2018-15517: D-Link Central WifiManager – Server-Side Request Forgery
漏洞标题 CVE-2018-15517: D-Link Central WifiManager - Server-Side Request Forgery 漏洞描述 D-Link Central WifiManager is susceptible to server-side request forgery. The MailConnect...
CVE-2021-3374: Rstudio Shiny Server <1.5.16 - Local File Inclusion
漏洞标题 CVE-2021-3374: Rstudio Shiny Server <1.5.16 - Local File Inclusion 漏洞描述 Rstudio Shiny Server prior to 1.5.16 is vulnerable to local file inclusion and source code l...
CVE-2019-19825: TOTOLINK/Realtek Routers – CAPTCHA Bypass
漏洞标题 CVE-2019-19825: TOTOLINK/Realtek Routers - CAPTCHA Bypass 漏洞描述 On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via a POST request to t...
CVE-2018-10956: IPConfigure Orchid Core VMS 2.0.5 – Local File Inclusion
漏洞标题 CVE-2018-10956: IPConfigure Orchid Core VMS 2.0.5 - Local File Inclusion 漏洞描述 IPConfigure Orchid Core VMS 2.0.5 is susceptible to local file inclusion. PoC代码
CVE-2022-0346: WordPress XML Sitemap Generator for Google <2.0.4 - Cross-Site Scripting/Remote Code Execution
漏洞标题 CVE-2022-0346: WordPress XML Sitemap Generator for Google <2.0.4 - Cross-Site Scripting/Remote Code Execution 漏洞描述 WordPress XML Sitemap Generator for Google plugin...
