漏洞标题 CVE-2024-21644: pyLoad Flask Config - Access Control 漏洞描述 pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can brow...

漏洞标题 CVE-2018-11133: Quest KACE SMA /common/run_cross_report.php 'fmt' XSS 漏洞描述 The 'fmt' parameter of the '/common/run_cross_report.php' scri...

漏洞标题 CVE-2010-1471: Joomla! Component Address Book 1.5.0 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the AddressBook (com_addressbook) component 1.5....

漏洞标题 CVE-2016-10976: Safe Editor Plugin < 1.2 - CSS/JS-injection 漏洞描述 The safe-editor plugin before 1.2 for WordPress has no se_save authentication, with resultant XSS. ...

漏洞标题 CVE-2024-48208: Pure-FTPd < 1.0.52 - Buffer Overflow 漏洞描述 Pure-FTPd versions prior to 1.0.52 contain a buffer overflow vulnerability due to an out-of-bounds read in...

漏洞标题 CVE-2025-2010: WordPress JobWP Plugin <= 2.3.9 - SQL Injection 漏洞描述 The JobWP - Job Board, Job Listing, Career Page and Recruitment Plugin plugin for WordPress is v...

漏洞标题 CVE-2016-10033: WordPress PHPMailer < 5.2.18 - Remote Code Execution 漏洞描述 WordPress PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to...

漏洞标题 CVE-2024-43160: BerqWP <= 1.7.6 - Arbitrary File Upload 漏洞描述 The BerqWP Automated All-In-One PageSpeed Optimization Plugin for Core Web Vitals, Cache, CDN, Images, ...

漏洞标题 CVE-2022-26352: DotCMS - Arbitrary File Upload 漏洞描述 DotCMS management system contains an arbitrary file upload vulnerability via the /api/content/ path which can allow...

漏洞标题 CVE-2018-8006: Apache ActiveMQ <=5.15.5 - Cross-Site Scripting 漏洞描述 Apache ActiveMQ versions 5.0.0 to 5.15.5 are vulnerable to cross-site scripting via the web base...

编写python脚本实现SYN FLOOD（DDOS） 原理 SYN FLOOD是DDOS的一种，发生在OSI第四层，这种方式利用TCP协议的特性，就是三次握手。攻击者发送TCP SYN，SYN是TCP三次握手中的第一个数据包，当服...

漏洞标题 CVE-2020-9344: Jira Subversion ALM for Enterprise <8.8.2 - Cross-Site Scripting 漏洞描述 Jira Subversion ALM for Enterprise before 8.8.2 contains a cross-site scripting...

漏洞标题 CVE-2023-34659: JeecgBoot 3.5.0 - SQL Injection 漏洞描述 jeecg-boot 3.5.0 and 3.5.1 have a SQL injection vulnerability the id parameter of the /jeecg-boot/jmreport/show in...

漏洞标题 CVE-2021-24351: WordPress The Plus Addons for Elementor <4.1.12 - Cross-Site Scripting 漏洞描述 WordPress The Plus Addons for Elementor plugin before 4.1.12 is suscepti...

漏洞标题 CVE-2021-20091: Buffalo WSR-2533DHPL2 - Configuration File Injection 漏洞描述 The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firm...

漏洞标题 CVE-2022-4325: WordPress Post Status Notifier Lite <1.10.1 - Cross-Site Scripting 漏洞描述 WordPress Post Status Notifier Lite plugin before 1.10.1 contains a cross-sit...