漏洞标题 CVE-2019-13392: MindPalette NateMail 3.0.15 - Cross-Site Scripting 漏洞描述 MindPalette NateMail 3.0.15 is susceptible to reflected cross-site scripting which could allows...

漏洞标题 CVE-2020-26413: Gitlab CE/EE 13.4 - 13.6.2 - Information Disclosure 漏洞描述 GitLab CE and EE 13.4 through 13.6.2 is susceptible to Information disclosure via GraphQL. Use...

漏洞标题 CVE-2023-34124: SonicWall GMS and Analytics Web Services - Shell Injection 漏洞描述 The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficie...

漏洞标题 CVE-2022-27849: WordPress Simple Ajax Chat <20220116 - Sensitive Information Disclosure vulnerability 漏洞描述 WordPress Simple Ajax Chat before 20220216 is vulnerable ...

漏洞标题 CVE-2022-44290: WebTareas 2.4p5 - SQL Injection 漏洞描述 webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in deleteapprovalstag...

漏洞标题 CVE-2016-10134: Zabbix - SQL Injection 漏洞描述 Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggle_ids arra...

这篇文章主要介绍了docker如何安装mysql，总结了安装心得，帮助大家更好的使用docker镜像，感兴趣的朋友可以了解下 最近在部署django，不想在手动安装一遍mysql，便尝试使用docker，总结了安装...

漏洞标题 CVE-2025-6403: Code-Projects School Fees Payment System 1.0 - SQL Injection 漏洞描述 A vulnerability was found in code-projects School Fees Payment System 1.0. It has been...

漏洞标题 CVE-2023-0948: WordPress Japanized for WooCommerce <2.5.8 - Cross-Site Scripting 漏洞描述 WordPress Japanized for WooCommerce plugin before 2.5.8 is susceptible to cros...

漏洞标题 CVE-2021-21234: Spring Boot Actuator Logview Directory Traversal 漏洞描述 spring-boot-actuator-logview before version 0.2.13 contains a directory traversal vulnerability i...

漏洞标题 CVE-2012-1835: WordPress Plugin All-in-One Event Calendar 1.4 - Cross-Site Scripting 漏洞描述 Multiple cross-site scripting vulnerabilities in the All-in-One Event Calenda...

漏洞标题 CVE-2024-4898: WordPress InstaWP Connect <= 0.1.0.38 - Unauthenticated User Creation 漏洞描述 The InstaWP Connect – 1-click WP Staging & Migration plugin for WordP...

漏洞标题 Artica Pandora FMS未授权访问(CVE-2020-8497) 漏洞描述 Artica Pandora FMS是西班牙Artica公司的一套监控系统，在 Artica Pandora FMS 到 7.42中，未经身份验证的攻击者可以读取聊天...

前言 今天在帮同学使用Todesk远程解决问题的时候，突然想到了以前关于向日葵配置文件的相关利用，可以读取到临时密码，然后使用脚本进行爆破，得到明文之后即可远程连接，现在已经修复了 同理，...

漏洞标题 CVE-2016-2389: SAP xMII 15.0 for SAP NetWeaver 7.4 - Local File Inclusion 漏洞描述 SAP xMII 15.0 for SAP NetWeaver 7.4 is susceptible to a local file inclusion vulnerabili...

漏洞标题 CVE-2008-1061: WordPress Sniplets <=1.2.2 - Cross-Site Scripting 漏洞描述 WordPress Sniplets 1.1.2 and 1.2.2 plugin contains a cross-site scripting vulnerability which ...