漏洞标题 CVE-2021-24931: WordPress Secure Copy Content Protection and Content Locking <2.8.2 - SQL Injection 漏洞描述 WordPress Secure Copy Content Protection and Content Lockin...

漏洞标题 Apache Druid Kafka Connect 远程代码执行漏洞（CVE-2023-25194） 漏洞描述 Apache Druid 是一个开源的分布式数据存储和分析系统。它设计用于处理大规模的实时数据，并提供快速的交互...

漏洞标题 CVE-2024-40711: Veeam Backup & Replication - Unauthenticated 漏洞描述 A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthent...

漏洞标题 CVE-2020-4463: IBM Maximo Asset Management Information Disclosure - XML External Entity Injection 漏洞描述 IBM Maximo Asset Management is vulnerable to an XML external ent...

漏洞标题 CVE-2024-4956: Nexus Repository Manager 文件读取漏洞 漏洞描述 Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed ...

漏洞标题 CVE-2018-16059: WirelessHART Fieldgate SWG70 3.0 - Local File Inclusion 漏洞描述 WirelessHART Fieldgate SWG70 3.0 is vulnerable to local file inclusion via the fcgi-bin/wg...

漏洞标题 CVE-2020-22209: 74cms - ajax_common.php SQL Injection 漏洞描述 SQL Injection in 74cms 3.2.0 via the query parameter to plus/ajax_common.php. PoC代码

漏洞标题 CVE-2021-24227: Patreon WordPress <1.7.0 - Unauthenticated Local File Inclusion 漏洞描述 Patreon WordPress before version 1.7.0 is vulnerable to unauthenticated local f...

漏洞标题 CVE-2025-2747: Kentico Xperience 13 CMS - Staging Service Authentication Bypass (WT-2025-0006) 漏洞描述 An authentication bypass vulnerability in Kentico Xperience allows ...

漏洞标题 CVE-2021-21234: Spring Boot Actuator Logview Directory Traversal 漏洞描述 spring-boot-actuator-logview before version 0.2.13 contains a directory traversal vulnerability i...

漏洞标题 CVE-2024-4257: BlueNet Technology Clinical Browsing System 1.2.1 - Sql Injection 漏洞描述 A vulnerability was found in BlueNet Technology Clinical Browsing System 1.2.1. I...

漏洞标题 CVE-2023-22478: KubePi <= v1.6.4 LoginLogsSearch - Unauthorized Access 漏洞描述 KubePi is a modern Kubernetes panel. The API interfaces with unauthorized entities and m...

漏洞标题 CVE-2014-3206: Seagate BlackArmor NAS - Command Injection 漏洞描述 Seagate BlackArmor NAS allows remote attackers to execute arbitrary code via the session parameter to lo...

漏洞标题 Apache OFBiz CVE-2023-50968 服务端请求伪造漏洞 漏洞描述 Apache OFBiz存在服务器端请求伪造漏洞。此漏洞是由于对requiredLabel参数缺乏校验导致的。 PoC代码 暂无

漏洞标题 CVE-2019-5127: YouPHPTube Encoder 2.3 - Remote Command Injection 漏洞描述 YouPHPTube Encoder 2.3 is susceptible to a command injection vulnerability which could allow an a...

漏洞标题 CVE-2021-21972: VMware vSphere Client (HTML5) - Remote Code Execution 漏洞描述 VMware vCenter vSphere Client (HTML5) contains a remote code execution vulnerability in a vC...