漏洞标题 CVE-2022-0817: WordPress BadgeOS <=3.7.0 - SQL Injection 漏洞描述 WordPress BadgeOS plugin through 3.7.0 contains a SQL injection vulnerability. It does not sanitize an...

这篇文章主要介绍了Linux inotify实时备份实现方法详解,文中通过示例代码介绍的非常详细，对大家的学习或者工作具有一定的参考学习价值,需要的朋友可以参考下 实时复制是企业数据备份最重要的方...

漏洞标题 CVE-2022-23131: Zabbix - SAML SSO Authentication Bypass 漏洞描述 When SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor b...

漏洞标题 CVE-2010-1312: Joomla! Component News Portal 1.5.x - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the iJoomla News Portal (com_news_portal) compone...

漏洞标题 CVE-2023-40751: PHPJabbers Fundraising Script v1.0 - Cross-Site Scripting 漏洞描述 PHPJabbers Fundraising Script v1.0 is vulnerable to Cross Site Scripting (XSS) via the &...

漏洞标题 CVE-2020-12116: Zoho ManageEngine OpManger - Arbitrary File Read 漏洞描述 Zoho ManageEngine OpManager Stable build before 124196 and Released build before 125125 allows an...

漏洞标题 CVE-2018-19287: WordPress Ninja Forms <3.3.18 - Cross-Site Scripting 漏洞描述 WordPress Ninja Forms plugin before 3.3.18 contains a cross-site scripting vulnerability. ...

漏洞标题 CVE-2022-0760: WordPress Simple Link Directory <7.7.2 - SQL injection 漏洞描述 WordPress Simple Link Directory plugin before 7.7.2 contains a SQL injection vulnerabilit...

漏洞标题 CVE-2021-42192: KONGA 0.14.9 - Privilege Escalation 漏洞描述 KONGA 0.14.9 allows attackers to set higher privilege users to full administration access. The attack vector i...

漏洞标题 CVE-2021-46418: Telesquare TLR-2855KS6 - Arbitrary File Creation 漏洞描述 An unauthorized file creation vulnerability in Telesquare TLR-2855KS6 via PUT method can allow cr...

漏洞标题 CVE-2023-39598: IceWarp Email Client - Cross Site Scripting 漏洞描述 Cross Site Scripting vulnerability in IceWarp Corporation WebClient v.10.2.1 allows a remote attacker ...

漏洞标题 CVE-2020-29395: Wordpress EventON Calendar 3.0.5 - Cross-Site Scripting 漏洞描述 Wordpress EventON Calendar 3.0.5 is vulnerable to cross-site scripting because it allows a...

漏洞标题 CVE-2023-1177: MLflow get-artifact 任意文件读取漏洞 漏洞描述 使用 MLflow 模型注册表托管 MLflow 开源项目的用户 mlflow server或者 mlflow ui使用早于 MLflow 2.2.1 的 MLflow 版...

漏洞标题 CVE-2023-4973: Academy LMS 6.2 - Cross-Site Scripting 漏洞描述 A vulnerability was found in Academy LMS 6.2 on Windows. It has been declared as problematic. Affected by th...

漏洞标题 CVE-2021-24891: WordPress Elementor Website Builder <3.1.4 - Cross-Site Scripting 漏洞描述 WordPress Elementor Website Builder plugin before 3.1.4 contains a DOM cross-...

本文转载于公众号：融云攻防实验室，原文地址： 漏洞复现 CVE-2014-4113 (MS14-058)提权 windows win32k.sys提权漏洞 Microsoft Windows下的win32k.sys是Windows子系统的内核部分，是一个内核模...