CVE-2022-27043: Yearning – Directory Traversal
漏洞标题 CVE-2022-27043: Yearning - Directory Traversal 漏洞描述 Yearning has a directory traversal vulnerability that can be exploited by attackers to obtain sensitive information...
CVE-2024-48360: Qualitor <= v8.24 - Server-Side Request Forgery
漏洞标题 CVE-2024-48360: Qualitor <= v8.24 - Server-Side Request Forgery 漏洞描述 Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component...
Atlassian Confluence CVE-2023-22527 远程命令执行漏洞
漏洞标题 Atlassian Confluence CVE-2023-22527 远程命令执行漏洞 漏洞描述 Atlassian Confluence存在远程命令执行漏洞,此漏洞是对用户的数据缺乏校验导致的。 PoC代码 暂无
CVE-2022-33901: WordPress MultiSafepay for WooCommerce <=4.13.1 - Arbitrary File Read
漏洞标题 CVE-2022-33901: WordPress MultiSafepay for WooCommerce <=4.13.1 - Arbitrary File Read 漏洞描述 WordPress MultiSafepay for WooCommerce plugin through 4.13.1 contains an ...
CVE-2023-38035: Ivanti Sentry – Authentication Bypass
漏洞标题 CVE-2023-38035: Ivanti Sentry - Authentication Bypass 漏洞描述 A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which m...
CVE-2010-1714: Joomla! Component Arcade Games 1.0 – Local File Inclusion
漏洞标题 CVE-2010-1714: Joomla! Component Arcade Games 1.0 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the Arcade Games (com_arcadegames) component 1.0 f...
CVE-2022-4301: WordPress Sunshine Photo Cart <2.9.15 - Cross-Site Scripting
漏洞标题 CVE-2022-4301: WordPress Sunshine Photo Cart <2.9.15 - Cross-Site Scripting 漏洞描述 WordPress Sunshine Photo Cart plugin before 2.9.15 contains a cross-site scripting ...
CVE-2021-20167: Netgear RAX43 1.0.3.96 – Command Injection/Authentication Bypass Buffer Overrun
漏洞标题 CVE-2021-20167: Netgear RAX43 1.0.3.96 - Command Injection/Authentication Bypass Buffer Overrun 漏洞描述 Netgear RAX43 version 1.0.3.96 contains a command injection and au...
CVE-2023-32117: Integrate Google Drive <= 1.1.99 - Missing Authorization via REST API Endpoints
漏洞标题 CVE-2023-32117: Integrate Google Drive <= 1.1.99 - Missing Authorization via REST API Endpoints 漏洞描述 The Integrate Google Drive plugin for WordPress is vulnerable t...
CVE-2022-47003: Mura CMS <10.0.580 - Authentication Bypass
漏洞标题 CVE-2022-47003: Mura CMS <10.0.580 - Authentication Bypass 漏洞描述 Mura CMS before 10.0.580 is susceptible to authentication bypass in the Remember Me function. An att...
CVE-2018-11231: Opencart Divido – Sql Injection
漏洞标题 CVE-2018-11231: Opencart Divido - Sql Injection 漏洞描述 OpenCart Divido plugin is susceptible to SQL injection PoC代码
CVE-2015-1427: ElasticSearch – Remote Code Execution
漏洞标题 CVE-2015-1427: ElasticSearch - Remote Code Execution 漏洞描述 ElasticSearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection me...
Atlassian Confluence CVE-2023-22527 远程命令执行漏洞
漏洞标题 Atlassian Confluence CVE-2023-22527 远程命令执行漏洞 漏洞描述 Atlassian Confluence存在远程命令执行漏洞,此漏洞是对用户的数据缺乏校验导致的。 PoC代码 暂无
CVE-2022-0140: WordPress Visual Form Builder <3.0.8 - Information Disclosure
漏洞标题 CVE-2022-0140: WordPress Visual Form Builder <3.0.8 - Information Disclosure 漏洞描述 WordPress Visual Form Builder plugin before 3.0.8 contains a information disclosur...
Academy LMS 6.2 CVE-2023-4974 SQL注入漏洞
漏洞标题 Academy LMS 6.2 CVE-2023-4974 SQL注入漏洞 漏洞描述 Academy LMS 6.2存在sql注入漏洞,该漏洞是由于tutor/filter接口对用户的请求验证不当导致的。 PoC代码 暂无
CVE-2020-2883: Oracle WebLogic Server – Remote Code Execution
漏洞标题 CVE-2020-2883: Oracle WebLogic Server - Remote Code Execution 漏洞描述 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S...
