CVE-2025-47445: WordPress Eventin (Themewinter) ≤ 4.0.26 – Arbitrary File Download
漏洞标题 CVE-2025-47445: WordPress Eventin (Themewinter) ≤ 4.0.26 - Arbitrary File Download 漏洞描述 Themewinter Eventin contains a path traversal caused by relative path manipula...
CVE-2025-47539: Eventin <= 4.0.26 - Privilege Escalation
漏洞标题 CVE-2025-47539: Eventin <= 4.0.26 - Privilege Escalation 漏洞描述 The Eventin WordPress plugin before 4.0.27 suffers from an unauthenticated privilege escalation vulner...
CVE-2022-3980: Sophos Mobile managed on-premises – XML External Entity Injection
漏洞标题 CVE-2022-3980: Sophos Mobile managed on-premises - XML External Entity Injection 漏洞描述 An XML External Entity (XXE) vulnerability allows server-side request forgery (SS...
CVE-2024-42852: AcuToWeb server/10.5.0.7577c8b – Cross-Site Scripting
漏洞标题 CVE-2024-42852: AcuToWeb server/10.5.0.7577c8b - Cross-Site Scripting 漏洞描述 AcuToWeb server/10.5.0.7577c8b is vulnerable to reflected cross-site scripting (XSS) via the...
CVE-2023-0602: Twittee Text Tweet <= 1.0.8 - Cross-Site Scripting
漏洞标题 CVE-2023-0602: Twittee Text Tweet <= 1.0.8 - Cross-Site Scripting 漏洞描述 The Twittee Text Tweet WordPress plugin through 1.0.8 does not properly escape POST values wh...
CVE-2010-1719: Joomla! Component MT Fire Eagle 1.2 – Local File Inclusion
漏洞标题 CVE-2010-1719: Joomla! Component MT Fire Eagle 1.2 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the MT Fire Eagle (com_mtfireeagle) component 1.2...
CVE-2023-45852: Viessmann Vitogate 300 – Remote Code Execution
漏洞标题 CVE-2023-45852: Viessmann Vitogate 300 - Remote Code Execution 漏洞描述 In Vitogate 300 2.1.3.0, /cgi-bin/vitogate.cgi allows an unauthenticated attacker to bypass authent...
CVE-2023-5222: Viessmann Vitogate 300 – Hardcoded Password
漏洞标题 CVE-2023-5222: Viessmann Vitogate 300 - Hardcoded Password 漏洞描述 A critical vulnerability in Viessmann Vitogate 300 up to 2.1.3.0 allows attackers to authenticate using...
CVE-2019-5591: FortiOS – Insecure LDAP Configuration Detection
漏洞标题 CVE-2019-5591: FortiOS - Insecure LDAP Configuration Detection 漏洞描述 The FortiGate LDAP configuration was detected to be insecure due to missing ca-cert, secure LDAPS, ...
CVE-2001-0537: Cisco IOS HTTP Configuration – Authentication Bypass
漏洞标题 CVE-2001-0537: Cisco IOS HTTP Configuration - Authentication Bypass 漏洞描述 HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute a...
CVE-2015-1880: Fortinet FortiOS <=5.2.3 - Cross-Site Scripting
漏洞标题 CVE-2015-1880: Fortinet FortiOS <=5.2.3 - Cross-Site Scripting 漏洞描述 Fortinet FortiOS 5.2.x before 5.2.3 contains a cross-site scripting vulnerability in the SSL VPN...
CVE-2016-3978: Fortinet FortiOS – Open Redirect/Cross-Site Scripting
漏洞标题 CVE-2016-3978: Fortinet FortiOS - Open Redirect/Cross-Site Scripting 漏洞描述 FortiOS Web User Interface in 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0...
CVE-2017-14186: FortiGate FortiOS SSL VPN Web Portal – Cross-Site Scripting
漏洞标题 CVE-2017-14186: FortiGate FortiOS SSL VPN Web Portal - Cross-Site Scripting 漏洞描述 FortiGate FortiOS through SSL VPN Web Portal contains a cross-site scripting vulnerabi...
CVE-2017-3131: FortiOS 5.4.0 to 5.6.0 – Cross-Site Scripting
漏洞标题 CVE-2017-3131: FortiOS 5.4.0 to 5.6.0 - Cross-Site Scripting 漏洞描述 A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 through 5.4.4 and 5.6.0 allow...
CVE-2017-3132: Fortinet FortiOS < 5.6.0 - Cross-Site Scripting
漏洞标题 CVE-2017-3132: Fortinet FortiOS < 5.6.0 - Cross-Site Scripting 漏洞描述 A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attac...
CVE-2017-3133: Fortinet FortiOS < 5.6.0 - Cross-Site Scripting
漏洞标题 CVE-2017-3133: Fortinet FortiOS < 5.6.0 - Cross-Site Scripting 漏洞描述 A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attac...
