CVE-2021-39350: FV Flowplayer Video Player WordPress plugin – Authenticated Cross-Site Scripting
漏洞标题 CVE-2021-39350: FV Flowplayer Video Player WordPress plugin - Authenticated Cross-Site Scripting 漏洞描述 The FV Flowplayer Video Player WordPress plugin is vulnerable to ...
CVE-2021-24347: WordPress SP Project & Document Manager <4.22 - Authenticated Shell Upload
漏洞标题 CVE-2021-24347: WordPress SP Project & Document Manager <4.22 - Authenticated Shell Upload 漏洞描述 WordPress SP Project & Document Manager plugin before 4.22 i...
CVE-2022-4050: WordPress JoomSport <5.2.8 - SQL Injection
漏洞标题 CVE-2022-4050: WordPress JoomSport <5.2.8 - SQL Injection 漏洞描述 WordPress JoomSport plugin before 5.2.8 contains a SQL injection vulnerability. The plugin does not p...
CVE-2023-39108: rConfig 3.9.4 – Server-Side Request Forgery
漏洞标题 CVE-2023-39108: rConfig 3.9.4 - Server-Side Request Forgery 漏洞描述 rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_b parameter...
CVE-2023-45878: Gibbon LMS <= v25.0.01 - File Upload to RCE
漏洞标题 CVE-2023-45878: Gibbon LMS <= v25.0.01 - File Upload to RCE 漏洞描述 Gibbon LMS versions 25.0.1 and earlier are vulnerable to an Arbitrary File Upload that can lead to ...
CVE-2022-4140: WordPress Welcart e-Commerce <2.8.5 - Arbitrary File Access
漏洞标题 CVE-2022-4140: WordPress Welcart e-Commerce <2.8.5 - Arbitrary File Access 漏洞描述 WordPress Welcart e-Commerce plugin before 2.8.5 is susceptible to arbitrary file ac...
CVE-2021-31316: CentOS Web Panel – SQL Injection
漏洞标题 CVE-2021-31316: CentOS Web Panel - SQL Injection 漏洞描述 The unprivileged user portal part of CentOS Web Panel is affected by a SQL Injection via the 'idsession'...
CVE-2021-25114: WordPress Paid Memberships Pro <2.6.7 - Blind SQL Injection
漏洞标题 CVE-2021-25114: WordPress Paid Memberships Pro <2.6.7 - Blind SQL Injection 漏洞描述 WordPress Paid Memberships Pro plugin before 2.6.7 is susceptible to blind SQL inje...
CVE-2020-15895: D-Link DIR-816L 2.x – Cross-Site Scripting
漏洞标题 CVE-2020-15895: D-Link DIR-816L 2.x - Cross-Site Scripting 漏洞描述 D-Link DIR-816L devices 2.x before 1.10b04Beta02 contains a cross-site scripting vulnerability. In the ...
CVE-2010-1353: Joomla! Component LoginBox – Local File Inclusion
漏洞标题 CVE-2010-1353: Joomla! Component LoginBox - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the LoginBox Pro (com_loginbox) component for Joomla! allo...
CVE-2021-21351: XStream <1.4.16 - Remote Code Execution
漏洞标题 CVE-2021-21351: XStream <1.4.16 - Remote Code Execution 漏洞描述 XStream before 1.4.16 is susceptible to remote code execution. An attacker can load and execute arbitra...
CVE-2018-18069: WordPress sitepress-multilingual-cms 3.6.3 – Cross-Site Scripting
漏洞标题 CVE-2018-18069: WordPress sitepress-multilingual-cms 3.6.3 - Cross-Site Scripting 漏洞描述 WordPress plugin sitepress-multilingual-cms 3.6.3 is vulnerable to cross-site sc...
CVE-2008-4668: Joomla! Image Browser 0.1.5 rc2 – Local File Inclusion
漏洞标题 CVE-2008-4668: Joomla! Image Browser 0.1.5 rc2 - Local File Inclusion 漏洞描述 Joomla! Image Browser 0.1.5 rc2 is susceptible to local file inclusion via com_imagebrowser ...
CVE-2017-18542: Zendesk Help Center by BestWebSoft < 1.0.5 - Cross-Site Scripting
漏洞标题 CVE-2017-18542: Zendesk Help Center by BestWebSoft < 1.0.5 - Cross-Site Scripting 漏洞描述 The zendesk-help-center plugin before 1.0.5 for WordPress has multiple XSS is...
CVE-2010-1955: Joomla! Component Deluxe Blog Factory 1.1.2 – Local File Inclusion
漏洞标题 CVE-2010-1955: Joomla! Component Deluxe Blog Factory 1.1.2 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the Deluxe Blog Factory (com_blogfactory)...
CVE-2023-46347: PrestaShop Step by Step products Pack – SQL Injection
漏洞标题 CVE-2023-46347: PrestaShop Step by Step products Pack - SQL Injection 漏洞描述 In the module “Step by Step products Pack” (ndk_steppingpack) up to 1.5.6 from NDK Design ...
