漏洞标题 Amcrest IP Camera Web Sha1Account1 账号密码泄漏漏洞(CVE-2017-8229) 漏洞描述 Amcrest IP Camera Web是Amcrest公司的一款无线IP摄像头，设备允许未经身份验证的攻击者下载管理凭据...

漏洞标题 CVE-2015-2196: WordPress Spider Calendar <=1.4.9 - SQL Injection 漏洞描述 WordPress Spider Calendar plugin through 1.4.9 is susceptible to SQL injection. An attacker ca...

漏洞标题 CVE-2023-2624: KiviCare WordPress Plugin - Cross-Site Scripting 漏洞描述 The KiviCare WordPress plugin before 3.2.1 does not sanitise and escape the 'filterType'...

漏洞标题 H3C Magic NX系列设备存在远程命令执行漏洞（CVE-2025-2725） 漏洞描述 H3C Magic NX系列设备（包括Magic NX15、Magic NX30 Pro、Magic NX400），以及Magic R系列设备（如MagicR3010）...

漏洞标题 CVE-2023-28432: MinIO Cluster Deployment - Information Disclosure 漏洞描述 MinIO is susceptible to information disclosure. In a cluster deployment starting with RELEASE.20...

漏洞标题 CVE-2022-39960: Jira Netic Group Export <1.0.3 - Missing Authorization 漏洞描述 Jira Netic Group Export add-on before 1.0.3 contains a missing authorization vulnerabili...

漏洞标题 CVE-2020-7961: Liferay Portal Unauthenticated < 7.2.1 CE GA2 - Remote Code Execution 漏洞描述 Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute ar...

漏洞标题 CVE-2017-11107: phpLDAPadmin <= 1.2.3 - Reflected XSS 漏洞描述 phpLDAPadmin <= 1.2.3 contains a reflected cross-site scripting caused by unsanitized input in htdocs/...

漏洞标题 CVE-2023-4169: 锐捷(ruijie)RG-EW1200G路由器 未授权后台登录密码修改（谨慎使用） 漏洞描述 Ruijie Networks RG-EW1200G是中国锐捷网络（Ruijie Networks）公司的一款无线路由器。 ...

漏洞标题 CVE-2023-3306: 锐捷(ruijie)RG-EW1200G路由器 远程命令执行(需登录) 漏洞描述 Ruijie Networks RG-EW1200G是中国锐捷网络（Ruijie Networks）公司的一款无线路由器。 Ruijie Networks...

漏洞标题 CVE-2025-1974-k8s: Ingress-Nginx Controller - Unauthenticated Remote Code Execution 漏洞描述 A security issue was discovered in ingress-nginx where the `auth-tls-match-cn`...

漏洞标题 CVE-2020-35234: SMTP WP Plugin Directory Listing 漏洞描述 The WordPress Easy WP SMTP Plugin has its log folder remotely accessible and its content available for access. Po...

漏洞标题 CVE-2023-32563: Ivanti Avalanche - Remote Code Execution 漏洞描述 An unauthenticated attacker could achieve the code execution through a RemoteControl server. PoC代码

漏洞标题 CVE-2016-3081: Apache S2-032 Struts - Remote Code Execution 漏洞描述 Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when dynamic method invoca...

打开连接，只有一个输入框，测试了半天sql，并没有什么鸟用 使用burp抓包，查看报文头发现有信息隐藏在hint里面 select * from 'admin' where password=md5($pass,true) md5($pass,true)知识补...

漏洞标题 CVE-2019-19411: Huawei Firewall - Local File Inclusion 漏洞描述 USG9500 with versions of V500R001C30SPC100, V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R0...