最新发布第146页
CVE-2025-2010: WordPress JobWP Plugin <= 2.3.9 - SQL Injection
漏洞标题 CVE-2025-2010: WordPress JobWP Plugin <= 2.3.9 - SQL Injection 漏洞描述 The JobWP - Job Board, Job Listing, Career Page and Recruitment Plugin plugin for WordPress is v...
CVE-2020-14883: Oracle Fusion Middleware WebLogic Server Administration Console – Remote Code Execution
漏洞标题 CVE-2020-14883: Oracle Fusion Middleware WebLogic Server Administration Console - Remote Code Execution 漏洞描述 The Oracle Fusion Middleware WebLogic Server admin console...
CVE-2017-1000029: Oracle GlassFish Server Open Source Edition 3.0.1 – Local File Inclusion
漏洞标题 CVE-2017-1000029: Oracle GlassFish Server Open Source Edition 3.0.1 - Local File Inclusion 漏洞描述 Oracle GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnera...
CVE-2025-34026: Versa Concerto Actuator Endpoint – Authentication Bypass
漏洞标题 CVE-2025-34026: Versa Concerto Actuator Endpoint - Authentication Bypass 漏洞描述 An authentication bypass vulnerability affected the Spring Boot Actuator endpoints in Ver...
CVE-2023-1177: MLflow get-artifact 任意文件读取漏洞
漏洞标题 CVE-2023-1177: MLflow get-artifact 任意文件读取漏洞 漏洞描述 使用 MLflow 模型注册表托管 MLflow 开源项目的用户 mlflow server或者 mlflow ui使用早于 MLflow 2.2.1 的 MLflow 版...
CVE-2017-10974: Yaws 1.91 – Local File Inclusion
漏洞标题 CVE-2017-10974: Yaws 1.91 - Local File Inclusion 漏洞描述 Yaws 1.91 allows unauthenticated local file inclusion via /%5C../ submitted to port 8080. PoC代码
CVE-2023-30192: PrestaShop ‘possearchproducts’ <= 1.7 - SQL Injection
漏洞标题 CVE-2023-30192: PrestaShop 'possearchproducts' <= 1.7 - SQL Injection 漏洞描述 In the module “Search Products” (possearchproducts) from PosThemes for Presta...
CVE-2024-10516: Swift Performance Lite < 2.3.7.2 - Local PHP File Inclusion
漏洞标题 CVE-2024-10516: Swift Performance Lite < 2.3.7.2 - Local PHP File Inclusion 漏洞描述 A vulnerability in Swift Performance Lite before version 2.3.7.2 allows unauthentic...
CVE-2017-17059: WordPress amtyThumb Posts 8.1.3 – Cross-Site Scripting
漏洞标题 CVE-2017-17059: WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting 漏洞描述 WordPress amty-thumb-recent-post plugin 8.1.3 contains a cross-site scripting vulnerability...
CVE-2024-34257: TOTOLINK EX1800T TOTOLINK EX1800T – Command Injection
漏洞标题 CVE-2024-34257: TOTOLINK EX1800T TOTOLINK EX1800T - Command Injection 漏洞描述 TOTOLINK EX1800T V9.1.0cu.2112_B20220316 has a vulnerability in the apcliEncrypType paramete...
Clash rce
杂谈 Clash相信你们都不陌生,就是我们平常使用VPN时最常用的软件 就在前几个小时爆出了RCE漏洞,我们立马给大家复现一下! clash存在漏洞版本 目前发现的漏洞版本是0.15.2,您可以下载下面的软...
CVE-2015-9406: mTheme Unus < 2.3 - Directory Traversal
漏洞标题 CVE-2015-9406: mTheme Unus < 2.3 - Directory Traversal 漏洞描述 The mTheme-Unus theme for WordPress, prior to version 2.3, contained a directory traversal flaw that let...
CVE-2020-13483: Bitrix24 <=20.0.0 - Cross-Site Scripting
漏洞标题 CVE-2020-13483: Bitrix24 <=20.0.0 - Cross-Site Scripting 漏洞描述 The Web Application Firewall in Bitrix24 up to and including 20.0.0 allows XSS via the items[ITEMS][ID...
CVE-2023-3578: DedeCMS 5.7.109 – Server-Side Request Forgery
漏洞标题 CVE-2023-3578: DedeCMS 5.7.109 - Server-Side Request Forgery 漏洞描述 Manipulation of the rssurl parameter in co_do.php leads to server-side request forgery in DedeCMS ver...
世界最大劳动力管理平台Kronos遭攻击
昨日开始,多家有业务依托于Kronos的企业与组织陷入混乱,除面临数据泄露外,工资单、员工调度、工作安排、休假管理等事项皆停滞,而这一切都是因为Kronos遭受了勒索软件攻击,使其云服务预计在...
CVE-2022-0208: WordPress Plugin MapPress <2.73.4 - Cross-Site Scripting
漏洞标题 CVE-2022-0208: WordPress Plugin MapPress <2.73.4 - Cross-Site Scripting 漏洞描述 WordPress Plugin MapPress before version 2.73.4 does not sanitize and escape the '...







