CVE-2017-15944: Palo Alto Network PAN-OS – Remote Code Execution
漏洞标题 CVE-2017-15944: Palo Alto Network PAN-OS - Remote Code Execution 漏洞描述 Palo Alto Network PAN-OS and Panorama before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, an...
CVE-2023-49230: Peplink Balance Two before 8.4.0 – Unauthenticated Config Upload
漏洞标题 CVE-2023-49230: Peplink Balance Two before 8.4.0 - Unauthenticated Config Upload 漏洞描述 A vulnerability in Peplink Balance Two prior to version 8.4.0 allows unauthentica...
CVE-2019-11253: Kubernetes API Server – YAML Parsing DoS (Billion Laughs)
漏洞标题 CVE-2019-11253: Kubernetes API Server - YAML Parsing DoS (Billion Laughs) 漏洞描述 The Kubernetes API server is vulnerable to a denial of service attack via YAML/JSON pars...
CVE-2024-28995: SolarWinds Serv-U – Directory Traversal
漏洞标题 CVE-2024-28995: SolarWinds Serv-U - Directory Traversal 漏洞描述 SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read...
CVE-2022-25488: Atom CMS v2.0 – SQL Injection
漏洞标题 CVE-2022-25488: Atom CMS v2.0 - SQL Injection 漏洞描述 Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/ajax/avatar.php...
ConnectWise ScreenConnect CVE-2024-1709身份验证绕过漏洞
漏洞标题 ConnectWise ScreenConnect CVE-2024-1709身份验证绕过漏洞 漏洞描述 ConnectWise ScreenConnect存在身份验证绕过漏洞,此漏洞是由于对url验证不充分导致的,特殊的url可绕过验证并访...
CVE-2021-45027: Oliver 5 Library Server <8.00.008.053 - Local File Inclusion
漏洞标题 CVE-2021-45027: Oliver 5 Library Server <8.00.008.053 - Local File Inclusion 漏洞描述 Oliver 5 Library Server versions prior to 8.00.008.053 are vulnerable to local fil...
BackupBuddy 存在本地文件包含漏洞(CVE-2022-31474)
漏洞标题 BackupBuddy 存在本地文件包含漏洞(CVE-2022-31474) 漏洞描述 BackupBuddy 是WordPress一款备份迁移插件。BackupBuddy 8.5.8.0 - 8.7.4.1版本存在本地文件包含漏洞,攻击者可以利用...
CVE-2021-27316: Doctor Appointment System 1.0 – SQL Injection
漏洞标题 CVE-2021-27316: Doctor Appointment System 1.0 - SQL Injection 漏洞描述 Blind SQL injection in contactus.php in doctor appointment system 1.0 allows an unauthenticated atta...
CVE-2019-2767: Oracle Business Intelligence Publisher – XML External Entity Injection
漏洞标题 CVE-2019-2767: Oracle Business Intelligence Publisher - XML External Entity Injection 漏洞描述 Oracle Business Intelligence Publisher is vulnerable to an XML external enti...
CVE-2021-31602: Hitachi Vantara Pentaho/Business Intelligence Server – Authentication Bypass
漏洞标题 CVE-2021-31602: Hitachi Vantara Pentaho/Business Intelligence Server - Authentication Bypass 漏洞描述 Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence...
CVE-2020-12800: WordPress Contact Form 7 <1.3.3.3 - Remote Code Execution
漏洞标题 CVE-2020-12800: WordPress Contact Form 7 <1.3.3.3 - Remote Code Execution 漏洞描述 WordPress Contact Form 7 before 1.3.3.3 allows unrestricted file upload and remote co...
CVE-2022-1020: WordPress WooCommerce <3.1.2 - Arbitrary Function Call
漏洞标题 CVE-2022-1020: WordPress WooCommerce <3.1.2 - Arbitrary Function Call 漏洞描述 WordPress WooCommerce plugin before 3.1.2 does not have authorisation and CSRF checks in ...
CVE-2021-24940: WordPress Persian Woocommerce <=5.8.0 - Cross-Site Scripting
漏洞标题 CVE-2021-24940: WordPress Persian Woocommerce <=5.8.0 - Cross-Site Scripting 漏洞描述 WordPress Persian Woocommerce plugin through 5.8.0 contains a cross-site scripting...
CVE-2022-0208: WordPress Plugin MapPress <2.73.4 - Cross-Site Scripting
漏洞标题 CVE-2022-0208: WordPress Plugin MapPress <2.73.4 - Cross-Site Scripting 漏洞描述 WordPress Plugin MapPress before version 2.73.4 does not sanitize and escape the '...
CVE-2024-45488: SafeGuard for Privileged Passwords < 7.5.2 - Authentication Bypass
漏洞标题 CVE-2024-45488: SafeGuard for Privileged Passwords < 7.5.2 - Authentication Bypass 漏洞描述 One Identity Safeguard for Privileged Passwords before 7.5.2 allows unauthor...
