漏洞标题 CVE-2018-10201: Ncomputing vSPace Pro 10 and 11 - Directory Traversal 漏洞描述 Ncomputing vSpace Pro versions 10 and 11 suffer from a directory traversal vulnerability. Po...

漏洞标题 Atlassian Confluence CVE-2023-22515 权限提升漏洞 (阶段1: 属性修改) 漏洞描述 Atlassian Confluence CVE-2023-22515 权限提升漏洞 (阶段1: 属性修改) 日期: 2024-02-07 | 影响软件:...

漏洞标题 CVE-2020-13927: Airflow Experimental <1.10.11 - REST API Auth Bypass 漏洞描述 Airflow's Experimental API prior 1.10.11 allows all API requests without authenticati...

漏洞标题 CVE-2022-28508: MantisBT < 2.25.2 - Cross-Site Scripting 漏洞描述 MantisBT before 2.25.2 contains a cross-site scripting vulnerability in browser_search_plugin.php. The...

漏洞标题 Apache OFBiz CVE-2024-32113 目录遍历漏洞 漏洞描述 Apache OFBiz 存在目录遍历漏洞，此漏洞是由于未充分验证用户输入的url所导致的。 PoC代码 暂无

漏洞标题 CVE-2025-32429: XWiki Platform - SQL Injection 漏洞描述 XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In version...

漏洞标题 CVE-2024-23692: HTTP File Server Template_injection 漏洞描述 Rejetto HTTP文件服务器，直到并包括2.3m版本，都存在模板注入漏洞。此漏洞允许远程、未经认证的攻击者通过发送特制的...

漏洞标题 CVE-2025-34031: Moodle Jmol Filter 6.1 - Local File Inclusion 漏洞描述 Moodle Jmol Filter 6.1 is vulnerable to local file inclusion through the jsmol.php file, allowing at...

漏洞标题 CVE-2019-0232: Apache Tomcat `CGIServlet` enableCmdLineArguments - Remote Code Execution 漏洞描述 When running on Windows with enableCmdLineArguments enabled, the CGI Serv...

漏洞标题 CVE-2018-5316: WordPress SagePay Server Gateway for WooCommerce <1.0.9 - Cross-Site Scripting 漏洞描述 WordPress SagePay Server Gateway for WooCommerce before 1.0.9 is ...

漏洞标题 CVE-2022-29464: WSO2 Management - Arbitrary File Upload & Remote Code Execution 漏洞描述 Certain WSO2 products allow unrestricted file upload with resultant remote cod...

漏洞标题 CVE-2020-12116: Zoho ManageEngine OpManger - Arbitrary File Read 漏洞描述 Zoho ManageEngine OpManager Stable build before 124196 and Released build before 125125 allows an...

漏洞标题 CVE-2010-1534: Joomla! Component Shoutbox Pro - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the Shoutbox Pro (com_shoutbox) component for Joomla! ...

漏洞标题 CVE-2010-1217: Joomla! Component & Plugin JE Tooltip 1.0 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the JE Form Creator (com_jeformcr) comp...

漏洞标题 CVE-2025-49001: Dataease JWT 认证绕过漏洞 漏洞描述 CVE-2025-49001 是由于JWT校验机制错误导致攻击者可伪造JWT令牌绕过身份验证流程 fofa: body="/js/index-0.0.0-dataease.js...

漏洞标题 CVE-2021-39146: XStream 1.4.18 - Arbitrary Code Execution 漏洞描述 XStream 1.4.18 is susceptible to remote code execution. An attacker can execute commands of the host by ...