漏洞标题 Agentejo Cockpit /auth/check < 0.11.2 NoSQL注入(CVE-2020-35846) 漏洞描述 0.11.2之前的AgentejoCockpit允许通过Controller/Auth.php检查函数进行NoSQL注入。$eq操作符匹配字段...

漏洞标题 CVE-2022-33107: ThinkPHP 6.0.12 反序列化 RCE 漏洞描述 通过组件 vendor\league\flysystem-cached-adapter\src\Storage\AbstractCache.php 发现 ThinkPHP v6.0.12 包含反序列化漏洞...

漏洞标题 CVE-2016-10960: WordPress wSecure Lite < 2.4 - Remote Code Execution 漏洞描述 WordPress wsecure plugin before 2.4 is susceptible to remote code execution via shell meta...

漏洞标题 CVE-2020-24148: Import XML & RSS Feeds WordPress Plugin <= 2.0.1 Server-Side Request Forgery 漏洞描述 WordPress plugin Import XML and RSS Feeds (import-xml-feed) pl...

漏洞标题 CVE-2018-5316: WordPress SagePay Server Gateway for WooCommerce <1.0.9 - Cross-Site Scripting 漏洞描述 WordPress SagePay Server Gateway for WooCommerce before 1.0.9 is ...

漏洞标题 CVE-2010-1217: Joomla! Component & Plugin JE Tooltip 1.0 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the JE Form Creator (com_jeformcr) comp...

漏洞标题 CVE-2022-35653: Moodle LTI module Reflected - Cross-Site Scripting 漏洞描述 A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due ...

漏洞标题 CVE-2021-24358: Plus Addons for Elementor Page Builder < 4.1.10 - Open Redirect 漏洞描述 WordPress Plus Addons for Elementor Page Builder before 4.1.10 did not validate...

漏洞标题 CVE-2023-38879: openSIS v9.0 - Path Traversal 漏洞描述 A path traversal vulnerability exists in openSIS Classic Community Edition v9.0 via the 'filename' paramet...

漏洞标题 CVE-2020-1943: Apache OFBiz <=16.11.07 - Cross-Site Scripting 漏洞描述 Apache OFBiz 16.11.01 to 16.11.07 is vulnerable to cross-site scripting because data sent with co...

漏洞标题 CVE-2025-34027: Versa Concerto API Path Based - Authentication Bypass 漏洞描述 Authentication bypass in the Versa Concerto API, caused by URL decoding inconsistencies. It ...

漏洞标题 CVE-2017-11586: FineCMS <5.0.9 - Open Redirect 漏洞描述 FineCMS 5.0.9 contains an open redirect vulnerability via the url parameter in a sync action. An attacker can re...

漏洞标题 CVE-2023-34990: FortiWLM - Directory Traversal 漏洞描述 A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker ...

这篇文章主要介绍了Nexus使用nginx代理实现支持HTTPS协议,文中通过示例代码介绍的非常详细，对大家的学习或者工作具有一定的参考学习价值,需要的朋友可以参考下 背景 公司全部网站需要支持 HTTP...

漏洞标题 CVE-2022-4260: WordPress WP-Ban <1.69.1 - Stored Cross-Site Scripting 漏洞描述 WordPress WP-Ban plugin before 1.69.1 contains a stored cross-site scripting vulnerabilit...

漏洞标题 CVE-2015-1427: ElasticSearch - Remote Code Execution 漏洞描述 ElasticSearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection me...