漏洞标题 CVE-2021-29490: Jellyfin 10.7.2 - Server Side Request Forgery 漏洞描述 Jellyfin is a free software media system. Versions 10.7.2 and below are vulnerable to unauthenticate...

漏洞标题 CVE-2018-6200: vBulletin - Open Redirect 漏洞描述 vBulletin 3.x.x and 4.2.x through 4.2.5 contains an open redirect vulnerability via the redirector.php URL parameter. An ...

漏洞标题 CVE-2021-24827: WordPress Asgaros Forum <1.15.13 - SQL Injection 漏洞描述 WordPress Asgaros Forum plugin before 1.15.13 is susceptible to SQL injection. The plugin does...

漏洞标题 CVE-2021-46417: Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion 漏洞描述 Franklin Fueling Systems Colibri Controller Module 1.8.19.85...

漏洞标题 CVE-2017-18518: SMTP by BestWebSoft < 1.1.0 - Cross-Site Scripting 漏洞描述 The bws-smtp plugin before 1.1.0 for WordPress has multiple XSS issues. PoC代码

漏洞标题 CVE-2022-1768: WordPress RSVPMaker <=9.3.2 - SQL Injection 漏洞描述 WordPress RSVPMaker plugin through 9.3.2 contains a SQL injection vulnerability due to insufficient ...

漏洞标题 CVE-2024-21644: pyLoad Flask Config - Access Control 漏洞描述 pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can brow...

漏洞标题 CVE-2020-27735: Wing FTP 6.4.4 - Cross-Site Scripting 漏洞描述 Wing FTP 6.4.4 is vulnerable to cross-site scripting via its web interface because an arbitrary IFRAME eleme...

漏洞标题 CVE-2022-21587: Oracle E-Business Suite 12.2.3 -12.2.11 - Remote Code Execution 漏洞描述 Oracle E-Business Suite 12.2.3 through 12.2.11 is susceptible to remote code execu...

漏洞标题 CVE-2024-55457: MasterSAM Star Gate v11 - Local File Inclusion 漏洞描述 MasterSAM Star Gate v11 is vulnerable to a directory traversal attack via the endpoint /adama/adama...

漏洞标题 CVE-2022-0826: WordPress WP Video Gallery <=1.7.1 - SQL Injection 漏洞描述 WordPress WP Video Gallery plugin through 1.7.1 contains a SQL injection vulnerability. The p...

漏洞标题 CVE-2022-34047: WAVLINK WN530HG4 - Improper Access Control 漏洞描述 WAVLINK WN530HG4 M30HG4.V5030.191116 is susceptible to improper access control. An attacker can obtain ...

漏洞标题 CVE-2020-12127: WAVLINK WN530H4 M30H4.V5030.190403 - Information Disclosure 漏洞描述 WAVLINK WN530H4 M30H4.V5030.190403 contains an information disclosure vulnerability in...

漏洞标题 CVE-2025-6174: WordPress Qwizcards < 3.95 - Cross-Site Scripting (Reflected) 漏洞描述 The WordPress Qwizcards plugin before version 3.95 does not sanitise and escape th...

本文转载于公众号：融云攻防实验室，原文地址： 漏洞复现 西迪特 Wi-Fi Web管理系统 未授权RCE漏洞 西迪特提供的Wireless解决方案为客户提供一套云管理,可靠性高,覆盖范围广的无线组网产品。旨...

漏洞标题 CVE-2022-32430: Lin CMS Spring Boot - Default JWT Token 漏洞描述 An access control issue in Lin CMS Spring Boot v0.2.1 allows attackers to access the backend information a...