CVE-2022-44957: WebTareas 2.4p5 – Cross-Site Scripting
漏洞标题 CVE-2022-44957: WebTareas 2.4p5 - Cross-Site Scripting 漏洞描述 webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /clie...
CVE-2022-22897: PrestaShop AP Pagebuilder <= 2.4.4 - SQL Injection
漏洞标题 CVE-2022-22897: PrestaShop AP Pagebuilder <= 2.4.4 - SQL Injection 漏洞描述 A SQL injection vulnerability in the product_all_one_img and image_product parameters of the...
Adobe ColdFusion //CFIDE/wizards/common/utils.cfc 权限绕过漏洞 (CVE-2023-29298)
漏洞标题 Adobe ColdFusion //CFIDE/wizards/common/utils.cfc 权限绕过漏洞 (CVE-2023-29298) 漏洞描述 Adobe ColdFusion 是一种广泛用于企业级 Web 应用开发的工具,支持专有标记语言以构建...
CVE-2021-26072: Atlassian Confluence < 5.8.6 - Server-Side Request Forgery
漏洞标题 CVE-2021-26072: Atlassian Confluence < 5.8.6 - Server-Side Request Forgery 漏洞描述 Confluence Server and Data Center before 5.8.6 contain a blind server-side request f...
CVE-2024-7029: AVTECH IP Camera – Command Injection
漏洞标题 CVE-2024-7029: AVTECH IP Camera - Command Injection 漏洞描述 The endpoint `/cgi-bin/supervisor/Factory.cgi` is vulnerable to command injection via the `action` parameter, ...
CVE-2024-44000: LiteSpeed Cache <= 6.4.1 - Sensitive Information Exposure
漏洞标题 CVE-2024-44000: LiteSpeed Cache <= 6.4.1 - Sensitive Information Exposure 漏洞描述 The LiteSpeed Cache plugin for WordPress is vulnerable to Sensitive Information Expos...
CVE-2019-8943: WordPress Core 5.0.0 – Crop-image Shell Upload
漏洞标题 CVE-2019-8943: WordPress Core 5.0.0 - Crop-image Shell Upload 漏洞描述 WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to...
CVE-2024-9796: WordPress WP-Advanced-Search <= 3.3.9 - SQL Injection
漏洞标题 CVE-2024-9796: WordPress WP-Advanced-Search <= 3.3.9 - SQL Injection 漏洞描述 The WordPress WP-Advanced-Search plugin for WordPress is vulnerable to SQL Injection in al...
CVE-2021-25297: Nagios 5.5.6-5.7.5 – Authenticated Remote Command Injection
漏洞标题 CVE-2021-25297: Nagios 5.5.6-5.7.5 - Authenticated Remote Command Injection 漏洞描述 Nagios XI 5.5.6 through 5.7.5 is susceptible to authenticated remote command injection...
CVE-2015-10141: Xdebug <= 2.5.5 - Command Injection
漏洞标题 CVE-2015-10141: Xdebug <= 2.5.5 - Command Injection 漏洞描述 Xdebug <= 2.5.5 contains an unauthenticated command injection caused by accepting debugger protocol comm...
CVE-2022-1013: WordPress Personal Dictionary <1.3.4 - Blind SQL Injection
漏洞标题 CVE-2022-1013: WordPress Personal Dictionary <1.3.4 - Blind SQL Injection 漏洞描述 WordPress Personal Dictionary plugin before 1.3.4 contains a blind SQL injection vuln...
CVE-2020-8512: IceWarp WebMail Server <=11.4.4.1 - Cross-Site Scripting
漏洞标题 CVE-2020-8512: IceWarp WebMail Server <=11.4.4.1 - Cross-Site Scripting 漏洞描述 IceWarp Webmail Server through 11.4.4.1 contains a cross-site scripting vulnerability i...
CVE-2021-43798: Grafana v8.x – Arbitrary File Read
漏洞标题 CVE-2021-43798: Grafana v8.x - Arbitrary File Read 漏洞描述 Grafana versions 8.0.0-beta1 through 8.3.0 are vulnerable to a local directory traversal, allowing access to lo...
CVE-2023-5089: Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)
漏洞标题 CVE-2023-5089: Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page) 漏洞描述 The Defender Security WordPress plugin before 4.1.0 does not prevent redirects...
CVE-2022-42096: Backdrop CMS version 1.23.0 – Cross Site Scripting (Stored)
漏洞标题 CVE-2022-42096: Backdrop CMS version 1.23.0 - Cross Site Scripting (Stored) 漏洞描述 Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (X...
CVE-2018-19287: WordPress Ninja Forms <3.3.18 - Cross-Site Scripting
漏洞标题 CVE-2018-19287: WordPress Ninja Forms <3.3.18 - Cross-Site Scripting 漏洞描述 WordPress Ninja Forms plugin before 3.3.18 contains a cross-site scripting vulnerability. ...
