漏洞标题 Apache Solr /solr/admin/info/properties:/admin/info/key 权限绕过漏洞（CVE-2024-45216） 漏洞描述 Apache Solr是一个开源搜索服务器，使用Java语言开发，主要基于HTTP和Apache Luc...

漏洞标题 CVE-2021-24762: WordPress Perfect Survey <1.5.2 - SQL Injection 漏洞描述 Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET p...

漏洞标题 CVE-2022-1724: WordPress Simple Membership <4.1.1 - Cross-Site Scripting 漏洞描述 WordPress Simple Membership plugin before 4.1.1 contains a reflected cross-site script...

漏洞标题 CVE-2014-8739: WordPress Sexy Contact Form (<= 0.9.7) - Arbitrary File Upload 漏洞描述 Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQu...

漏洞标题 CVE-2021-41460: ECShop 4.1.0 - SQL Injection 漏洞描述 ECShop 4.1.0 has SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information. Po...

漏洞标题 CVE-2015-6477: Nordex NC2 - Cross-Site Scripting 漏洞描述 Nordex NC2 contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script cod...

漏洞标题 CVE-2020-28653: ManageEngine OpManager SumPDU 12.1 - 12.5.232 - Java Deserialization 漏洞描述 Zoho ManageEngine OpManager Stable build before 125203 (and Released build be...

漏洞标题 CVE-2021-3287: Zoho ManageEngine OpManager < 12.5.329 - Remote Code Execution 漏洞描述 Zoho ManageEngine OpManager before 12.5.329 contains a remote code execution caus...

漏洞标题 CVE-2021-24287: WordPress Select All Categories and Taxonomies <1.3.2 - Cross-Site Scripting 漏洞描述 WordPress Select All Categories and Taxonomies plugin before 1.3.2...

漏洞标题 CVE-2024-40711: Veeam Backup & Replication - Unauthenticated 漏洞描述 A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthent...

漏洞标题 CVE-2004-1602: ProFTPD 1.2.x - Username Enumeration via Timing Attack 漏洞描述 ProFTPD versions 1.2.x (including 1.2.8 and 1.2.10) are vulnerable to timing attacks that al...

漏洞标题 CVE-2024-11972: Hunk Companion < 1.9.0 - Unauthenticated Plugin Installation 漏洞描述 The plugin does not correctly authorize some REST API endpoints, allowing unauthen...

漏洞标题 CVE-2023-0236: WordPress Tutor LMS <2.0.10 - Cross Site Scripting 漏洞描述 WordPress Tutor LMS plugin before 2.0.10 contains a cross-site scripting vulnerability. The p...

漏洞标题 CVE-2025-5961: WordPress WPvivid Backup & Migration Plugin <= 0.9.116 - Authenticated Arbitrary File Upload 漏洞描述 The Migration, Backup, Staging – WPvivid Backu...

漏洞标题 CVE-2011-5179: Skysa App Bar 1.04 - Cross-Site Scripting 漏洞描述 A cross-site scripting vulnerability in skysa-official/skysa.php in Skysa App Bar Integration plugin, pos...

漏洞标题 CirCarLifeScada停车场自动化管理系统values.xml-信息泄漏(CVE-2018-16670) 漏洞描述 【漏洞对象】Circontrol CirCarLife Scada 【漏洞描述】 Circontrol CirCarLifeScada是西班牙Circ...