CVE-2021-44910: SpringBlade – Information Leakage
漏洞标题 CVE-2021-44910: SpringBlade - Information Leakage 漏洞描述 SpringBlade is a comprehensive project upgraded and optimized from a commercial-grade project, featuring both a ...
CVE-2021-24146: WordPress Modern Events Calendar Lite <5.16.5 - Sensitive Information Disclosure
漏洞标题 CVE-2021-24146: WordPress Modern Events Calendar Lite <5.16.5 - Sensitive Information Disclosure 漏洞描述 WordPress Modern Events Calendar Lite before 5.16.5 does not p...
CVE-2018-1000130: Jolokia Agent – JNDI Code Injection
漏洞标题 CVE-2018-1000130: Jolokia Agent - JNDI Code Injection 漏洞描述 Jolokia agent is vulnerable to a JNDI injection vulnerability that allows a remote attacker to run arbitrary...
CVE-2020-10148: SolarWinds Orion Platform Authentication Bypass
漏洞标题 CVE-2020-10148: SolarWinds Orion Platform Authentication Bypass 漏洞描述 The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attac...
CVE-2010-2036: Joomla! Component Percha Fields Attach 1.0 – Directory Traversal
漏洞标题 CVE-2010-2036: Joomla! Component Percha Fields Attach 1.0 - Directory Traversal 漏洞描述 A directory traversal vulnerability in the Percha Fields Attach (com_perchafieldsa...
CVE-2022-0653: WordPress Profile Builder Plugin Cross-Site Scripting
漏洞标题 CVE-2022-0653: Wordpress Profile Builder Plugin Cross-Site Scripting 漏洞描述 The Profile Builder User Profile & User Registration Forms WordPress plugin is vulnerable...
CVE-2024-24328: TotoLink Router setMacFilterRules – Command Injection
漏洞标题 CVE-2024-24328: TotoLink Router setMacFilterRules - Command Injection 漏洞描述 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulner...
CVE-2022-1946: WordPress Gallery <2.0.0 - Cross-Site Scripting
漏洞标题 CVE-2022-1946: WordPress Gallery <2.0.0 - Cross-Site Scripting 漏洞描述 WordPress Gallery plugin before 2.0.0 contains a reflected cross-site scripting vulnerability. I...
CVE-2022-4140: WordPress Welcart e-Commerce <2.8.5 - Arbitrary File Access
漏洞标题 CVE-2022-4140: WordPress Welcart e-Commerce <2.8.5 - Arbitrary File Access 漏洞描述 WordPress Welcart e-Commerce plugin before 2.8.5 is susceptible to arbitrary file ac...
Cacti 存在命令注入漏洞 (CVE-2022-46169)
漏洞标题 Cacti 存在命令注入漏洞 (CVE-2022-46169) 漏洞描述 Cacti是Cacti团队的一套开源的网络流量监测和分析工具。该工具通过snmpget来获取数据,使用RRDtool绘画图形进行分析,并提供数据和...
CVE-2021-41192: Redash Setup Configuration – Default Secrets Disclosure
漏洞标题 CVE-2021-41192: Redash Setup Configuration - Default Secrets Disclosure 漏洞描述 Redash Setup Configuration is vulnerable to default secrets disclosure (Insecure Default I...
CVE-2021-31602: Hitachi Vantara Pentaho/Business Intelligence Server – Authentication Bypass
漏洞标题 CVE-2021-31602: Hitachi Vantara Pentaho/Business Intelligence Server - Authentication Bypass 漏洞描述 Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence...
CVE-2022-1020: WordPress WooCommerce <3.1.2 - Arbitrary Function Call
漏洞标题 CVE-2022-1020: WordPress WooCommerce <3.1.2 - Arbitrary Function Call 漏洞描述 WordPress WooCommerce plugin before 3.1.2 does not have authorisation and CSRF checks in ...
CVE-2022-31181: PrestaShop – SQL Injection to Eval Injection
漏洞标题 CVE-2022-31181: PrestaShop - SQL Injection to Eval Injection 漏洞描述 PrestaShop versions from 1.6.0.10 and before 1.7.8.7 contain an SQL injection caused by unsanitized u...
CVE-2024-25852: Linksys RE7000 – Command Injection
漏洞标题 CVE-2024-25852: Linksys RE7000 - Command Injection 漏洞描述 Linksys RE7000 v2.0.9, v2.0.11, and v2.0.15 have a command execution vulnerability in the "AccessControlLi...
CVE-2023-49230: Peplink Balance Two before 8.4.0 – Unauthenticated Config Upload
漏洞标题 CVE-2023-49230: Peplink Balance Two before 8.4.0 - Unauthenticated Config Upload 漏洞描述 A vulnerability in Peplink Balance Two prior to version 8.4.0 allows unauthentica...
