漏洞标题 CVE-2021-24442: Wordpress Polls Widget < 1.5.3 - SQL Injection 漏洞描述 The Poll, Survey, Questionnaire and Voting system WordPress plugin before 1.5.3 did not sanitise...

漏洞标题 CVE-2019-14251: T24 Web Server - Local File Inclusion 漏洞描述 T24 web server is vulnerable to unauthenticated local file inclusion that permits an attacker to exfiltrate ...

漏洞标题 CVE-2010-1306: Joomla! Component Picasa 2.0 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the Picasa (com_joomlapicasa2) component 2.0 and 2.0.5 f...

漏洞标题 CVE-2024-38653: Ivanti Avalanche SmartDeviceServer - XML External Entity 漏洞描述 XXE in SmartDeviceServer in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attack...

漏洞标题 CVE-2021-36888: WordPress Image Hover Ultimate - Unauthenticated Settings Update 漏洞描述 Unauthenticated Arbitrary Options Update vulnerability leading to full website co...

漏洞标题 CVE-2023-49103: OwnCloud - Phpinfo Configuration 漏洞描述 An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app...

漏洞标题 CVE-2023-25157: GeoServer OGC Filter - SQL Injection 漏洞描述 GeoServer is an open source software server written in Java that allows users to share and edit geospatial da...

漏洞标题 CVE-2020-24186: WordPress wpDiscuz <=7.0.4 - Remote Code Execution 漏洞描述 WordPress wpDiscuz plugin versions version 7.0 through 7.0.4 are susceptible to remote code ...

漏洞标题 CVE-2024-8877: Riello Netman 204 - SQL Injection 漏洞描述 The three endpoints /cgi-bin/db_datalog_w.cgi, /cgi-bin/db_eventlog_w.cgi, and /cgi-bin/db_multimetr_w.cgi are vu...

漏洞标题 CVE-2024-6646: Netgear-WN604 downloadFile.php - Information Disclosure 漏洞描述 There is an information leakage vulnerability in the downloadFile.php interface of Netgear ...

漏洞标题 CVE-2017-5638: Apache Struts 2 - Remote Command Execution S2-045 S2-046 漏洞描述 Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 is vulnerable to remote comm...

漏洞标题 CVE-2016-1000154: WordPress WHIZZ <=1.0.7 - Cross-Site Scripting 漏洞描述 WordPress plugin WHIZZ 1.07 and before contains a reflected cross-site scripting vulnerability...

漏洞标题 CVE-2019-19134: WordPress Hero Maps Premium <=2.2.1 - Cross-Site Scripting 漏洞描述 WordPress Hero Maps Premium plugin 2.2.1 and prior contains an unauthenticated refle...

漏洞标题 CVE-2022-3590: WordPress <= 6.2 - Server Side Request Forgery 漏洞描述 WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a TOCT...

漏洞标题 CVE-2018-20526: Roxy Fileman 1.4.5 - Unrestricted File Upload 漏洞描述 Roxy Fileman 1.4.5 is susceptible to unrestricted file upload via upload.php. An attacker can execut...

漏洞标题 CVE-2022-23808: phpMyAdmin < 5.1.2 - Cross-Site Scripting 漏洞描述 An issue was discovered in phpMyAdmin 5.1 before 5.1.2 that could allow an attacker to inject malicio...