CVE-2024-8859: Mlflow < 2.17.0 - Local File Inclusion
漏洞标题 CVE-2024-8859: Mlflow < 2.17.0 - Local File Inclusion 漏洞描述 Mlflow before 2.17.0 is susceptible to local file inclusion due to path traversal in GitHub repository ml...
CVE-2023-30258: MagnusBilling – Unauthenticated Remote Code Execution
漏洞标题 CVE-2023-30258: MagnusBilling - Unauthenticated Remote Code Execution 漏洞描述 Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote at...
Atlassian Jira信息泄露漏洞(CVE-2019-8449)
漏洞标题 Atlassian Jira信息泄露漏洞(CVE-2019-8449) 漏洞描述 Atlassian Jira 8.4.0之前版本/rest/api/latest/groupuserpicker接口允许远程攻击者枚举用户名,导致信息泄露。 PoC代码 暂无
AVM FRITZ!Box 7530 AX未授权访问漏洞(CVE-2024-54767)
漏洞标题 AVM FRITZ!Box 7530 AX未授权访问漏洞(CVE-2024-54767) 漏洞描述 AVM FRITZ!Box 7530 AX v7.59组件中的/juis_boxinfo.xml存在访问控制问题,允许攻击者在未经身份验证的情况下获取敏...
CVE-2025-55523: Agent-Zero 0.8.0 – 0.9.4 – Arbitrary File Download
漏洞标题 CVE-2025-55523: Agent-Zero 0.8.0 - 0.9.4 - Arbitrary File Download 漏洞描述 Agent-Zero v0.8.0 - 0.9.4 contains a path traversal caused by improper validation in /api/downl...
CVE-2016-4437: Apache Shiro 1.2.4 Cookie RememberME – Deserial Remote Code Execution Vulnerability
漏洞标题 CVE-2016-4437: Apache Shiro 1.2.4 Cookie RememberME - Deserial Remote Code Execution Vulnerability 漏洞描述 Apache Shiro before 1.2.5, when a cipher key has not been confi...
CVE-2019-11248: Debug Endpoint pprof – Exposure Detection
漏洞标题 CVE-2019-11248: Debug Endpoint pprof - Exposure Detection 漏洞描述 The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. This debug...
CVE-2024-4620: ArForms < 6.6 - Remote Code Execution
漏洞标题 CVE-2024-4620: ArForms < 6.6 - Remote Code Execution 漏洞描述 The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 allows unauthenticated use...
Apache Struts2(S2-012)远程代码执行漏洞(CVE-2013-1965)
漏洞标题 Apache Struts2(S2-012)远程代码执行漏洞(CVE-2013-1965) 漏洞描述 S2-012中,包含特制请求参数的请求可用于将任意 OGNL代码注入属性,然后用作重定向地址的请求参数,这将导致进一步...
CVE-2018-7193: osTicket < 1.10.2 - Cross-Site Scripting
漏洞标题 CVE-2018-7193: osTicket < 1.10.2 - Cross-Site Scripting 漏洞描述 Cross-site scripting (XSS) vulnerability in /scp/directory.php in Enhancesoft osTicket before 1.10.2 al...
CVE-2021-30128: Apache OFBiz <17.12.07 - Arbitrary Code Execution
漏洞标题 CVE-2021-30128: Apache OFBiz <17.12.07 - Arbitrary Code Execution 漏洞描述 Apache OFBiz before 17.12.07 is susceptible to arbitrary code execution via unsafe deserializ...
CVE-2019-7192: QNAP QTS and Photo Station 6.0.3 – Remote Command Execution
漏洞标题 CVE-2019-7192: QNAP QTS and Photo Station 6.0.3 - Remote Command Execution 漏洞描述 This improper access control vulnerability allows remote attackers to gain unauthorized...
CVE-2023-26255: STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion
漏洞标题 CVE-2023-26255: STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion 漏洞描述 STAGIL Navigation for Jira Menu & Themes plugin before 2.0.52 i...
Apache OFBiz CVE-2021-29200 不安全的反序列化漏洞
漏洞标题 Apache OFBiz CVE-2021-29200 不安全的反序列化漏洞 漏洞描述 Apache OFBiz存在不安全的反序列化漏洞,此漏洞是缺乏校验导致的。 PoC代码 暂无
CVE-2023-36934: MOVEit Transfer – SQL Injection
漏洞标题 CVE-2023-36934: MOVEit Transfer - SQL Injection 漏洞描述 In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2...
CVE-2019-17564: Apache Dubbo 2.5.x-2.7.4 – Insecure Deserialization
漏洞标题 CVE-2019-17564: Apache Dubbo 2.5.x-2.7.4 - Insecure Deserialization 漏洞描述 Unsafe deserialization occurs within a Dubbo application which has HTTP remoting enabled. An a...





