CVE-2018-3810: Oturia WordPress Smart Google Code Inserter <3.5 - Authentication Bypass
漏洞标题 CVE-2018-3810: Oturia WordPress Smart Google Code Inserter <3.5 - Authentication Bypass 漏洞描述 Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allow...
CVE-2023-36144: Intelbras Switch – Information Disclosure
漏洞标题 CVE-2023-36144: Intelbras Switch - Information Disclosure 漏洞描述 An authentication bypass in Intelbras Switch SG 2404 MR in firmware 1.00.54 allows an unauthenticated at...
CVE-2022-2034: WordPress Sensei LMS <4.5.0 - Information Disclosure
漏洞标题 CVE-2022-2034: WordPress Sensei LMS <4.5.0 - Information Disclosure 漏洞描述 WordPress Sensei LMS plugin before 4.5.0 is susceptible to information disclosure. The plug...
CVE-2018-1271: Spring MVC Framework – Local File Inclusion
漏洞标题 CVE-2018-1271: Spring MVC Framework - Local File Inclusion 漏洞描述 Spring MVC Framework versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported...
CVE-2023-48777: WordPress Elementor 3.18.1 – File Upload/Remote Code Execution
漏洞标题 CVE-2023-48777: WordPress Elementor 3.18.1 - File Upload/Remote Code Execution 漏洞描述 The plugin is vulnerable to Remote Code Execution via file upload via the template ...
CVE-2022-21661: WordPress Core 5.8.2 – ‘WP_Query’ SQL注入信息泄露漏洞
漏洞标题 CVE-2022-21661: WordPress Core 5.8.2 - 'WP_Query' SQL注入信息泄露漏洞 漏洞描述 此漏洞允许远程攻击者泄露有关受影响的WordPress核心安装的敏感信息,Authentication 不...
CVE-2022-0412: WordPress TI WooCommerce Wishlist <1.40.1 - SQL Injection
漏洞标题 CVE-2022-0412: WordPress TI WooCommerce Wishlist <1.40.1 - SQL Injection 漏洞描述 WordPress TI WooCommerce Wishlist plugin before 1.40.1 contains a SQL injection vulner...
CVE-2024-5217: ServiceNow – Incomplete Input Validation
漏洞标题 CVE-2024-5217: ServiceNow - Incomplete Input Validation 漏洞描述 ServiceNow has addressed an input validation vulnerability that was identified in the Washington DC, Vanco...
CVE-2023-4110: PHPJabbers Availability Booking Calendar 5.0 – Cross-Site Scripting
漏洞标题 CVE-2023-4110: PHPJabbers Availability Booking Calendar 5.0 - Cross-Site Scripting 漏洞描述 A vulnerability has been found in PHP Jabbers Availability Booking Calendar 5.0...
CVE-2023-0942: WordPress Japanized for WooCommerce <2.5.5 - Cross-Site Scripting
漏洞标题 CVE-2023-0942: WordPress Japanized for WooCommerce <2.5.5 - Cross-Site Scripting 漏洞描述 WordPress Japanized for WooCommerce plugin before 2.5.5 is susceptible to cros...
CVE-2024-34102: Adobe Commerce & Magento – CosmicSting
漏洞标题 CVE-2024-34102: Adobe Commerce & Magento - CosmicSting 漏洞描述 Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Res...
CVE-2013-4117: WordPress Plugin Category Grid View Gallery 2.3.1 – Cross-Site Scripting
漏洞标题 CVE-2013-4117: WordPress Plugin Category Grid View Gallery 2.3.1 - Cross-Site Scripting 漏洞描述 A cross-site scripting vulnerability in includes/CatGridPost.php in the Ca...
CVE-2021-24681: Duplicate Page WordPress – Stored Cross-Site Scripting
漏洞标题 CVE-2021-24681: Duplicate Page WordPress - Stored Cross-Site Scripting 漏洞描述 Duplicate Page WordPress plugin <= 4.4.2 contains a stored cross-site scripting caused b...
CVE-2022-23131_Zabbix登录绕过漏洞分析及复现
前言 由于传播、利用此文所提供的信息而造成的任何直接或者间接的后果及损失,均由使用者本人负责,文章作者不为此承担任何责任。 本文章中的漏洞均为公开的漏洞收集,如果文章中的漏洞出现敏感...
bugbounty技巧聚合20220217
漏洞报告 Cookie不失效 http://hackerone.com/reports/948345 缺少 SPF 记录 http://hackerone.com/reports/1416701 挖洞技巧 Bypass WAF http://hadess.io/waf-bypass-methods/ 零点击账号接管...
CVE-2010-2033: Joomla! Percha Categories Tree 0.6 – Local File Inclusion
漏洞标题 CVE-2010-2033: Joomla! Percha Categories Tree 0.6 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the Percha Fields Attach (com_perchafieldsattach) ...







