CVE-2022-0540: Atlassian Jira Seraph – Authentication Bypass
漏洞标题 CVE-2022-0540: Atlassian Jira Seraph - Authentication Bypass 漏洞描述 Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially...
CVE-2025-6934: The Opal Estate Pro – Property Management <= 1.7.5 - Unauthenticated Privilege Escalation
漏洞标题 CVE-2025-6934: The Opal Estate Pro – Property Management <= 1.7.5 - Unauthenticated Privilege Escalation 漏洞描述 The Opal Estate Pro plugin (≤ 1.7.5) is vulnerable t...
CVE-2017-18500: Social Buttons Pack by BestWebSof < 1.1.1 - Cross-Site Scripting
漏洞标题 CVE-2017-18500: Social Buttons Pack by BestWebSof < 1.1.1 - Cross-Site Scripting 漏洞描述 The social-buttons-pack plugin before 1.1.1 for WordPress has multiple XSS iss...
CVE-2019-20141: WordPress Laborator Neon Theme 2.0 – Cross-Site Scripting
漏洞标题 CVE-2019-20141: WordPress Laborator Neon Theme 2.0 - Cross-Site Scripting 漏洞描述 WordPress Laborator Neon theme 2.0 contains a cross-site scripting vulnerability via the...
CVE-2023-6655: Hongjing e-HR 2020 – SQL Injection
漏洞标题 CVE-2023-6655: Hongjing e-HR 2020 - SQL Injection 漏洞描述 A vulnerability, which was classified as critical, has been found in Hongjing e-HR 2020. Affected by this issue ...
CVE-2014-4536: Infusionsoft Gravity Forms Add-on < 1.5.7 - Cross-Site Scripting
漏洞标题 CVE-2014-4536: Infusionsoft Gravity Forms Add-on < 1.5.7 - Cross-Site Scripting 漏洞描述 Multiple cross-site scripting vulnerabilities in tests/notAuto_test_ContactServ...
CVE-2015-4455: WordPress Plugin Aviary Image Editor Addon For Gravity Forms 3.0 Beta – Arbitrary File Upload
漏洞标题 CVE-2015-4455: WordPress Plugin Aviary Image Editor Addon For Gravity Forms 3.0 Beta - Arbitrary File Upload 漏洞描述 Unrestricted file upload vulnerability in includes/up...
CVE-2016-1000139: WordPress Infusionsoft Gravity Forms <=1.5.11 - Cross-Site Scripting
漏洞标题 CVE-2016-1000139: WordPress Infusionsoft Gravity Forms <=1.5.11 - Cross-Site Scripting 漏洞描述 WordPress plugin Infusionsoft 1.5.11 and before contains a reflected cro...
CVE-2018-5233: Grav CMS <1.3.0 - Cross-Site Scripting
漏洞标题 CVE-2018-5233: Grav CMS <1.3.0 - Cross-Site Scripting 漏洞描述 Grav CMS before 1.3.0 is vulnerable to cross-site scripting via system/src/Grav/Common/Twig/Twig.php and ...
CVE-2020-11529: Grav < 1.7 - Open Redirect
漏洞标题 CVE-2020-11529: Grav < 1.7 - Open Redirect 漏洞描述 Grav before 1.7 has an open redirect vulnerability via common/Grav.php. This is partially fixed in 1.6.23 and still ...
CVE-2020-10987: Tenda AC15 AC1900 version 15.03.05.19 – Command Injection
漏洞标题 CVE-2020-10987: Tenda AC15 AC1900 version 15.03.05.19 - Command Injection 漏洞描述 The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote ...
CVE-2016-1000137: WordPress Hero Maps Pro 2.1.0 – Cross-Site Scripting
漏洞标题 CVE-2016-1000137: WordPress Hero Maps Pro 2.1.0 - Cross-Site Scripting 漏洞描述 WordPress Hero Maps Pro 2.1.0 contains a reflected cross-site scripting vulnerability which...
CVE-2017-8046: Spring Data Rest RCE
漏洞标题 CVE-2017-8046: Spring Data Rest RCE 漏洞描述 SpringDataREST是一个构建在SpringData之上,为了帮助开发者更加容易地开发REST风格的Web服务。在RESTAPI的Patch方法中(实现RFC6902)...
CVE-2017-8046: Spring Data Rest RCE
漏洞标题 CVE-2017-8046: Spring Data Rest RCE 漏洞描述 SpringDataREST是一个构建在SpringData之上,为了帮助开发者更加容易地开发REST风格的Web服务。在RESTAPI的Patch方法中(实现RFC6902)...
CVE-2014-2383: Dompdf < v0.6.0 - Local File Inclusion
漏洞标题 CVE-2014-2383: Dompdf < v0.6.0 - Local File Inclusion 漏洞描述 A vulnerability in dompdf.php in dompdf before 0.6.1, when DOMPDF_ENABLE_PHP is enabled, allows context-d...
CVE-2017-18490: Contact Form Multi by BestWebSoft < 1.2.1 - Cross-Site Scripting
漏洞标题 CVE-2017-18490: Contact Form Multi by BestWebSoft < 1.2.1 - Cross-Site Scripting 漏洞描述 The contact-form-multi plugin before 1.2.1 for WordPress has multiple XSS issu...
