漏洞标题 CirCarLifeScada停车场自动化管理系统values.xml-信息泄漏(CVE-2018-16670) 漏洞描述 【漏洞对象】Circontrol CirCarLife Scada 【漏洞描述】 Circontrol CirCarLifeScada是西班牙Circ...

漏洞标题 CVE-2023-47253: Qualitor <= 8.20 - Remote Code Execution 漏洞描述 Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html/ad/ad...

漏洞标题 CVE-2012-0392: Apache Struts2 S2-008 RCE 漏洞描述 The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows r...

漏洞标题 CVE-2024-8425: WooCommerce Ultimate Gift Card ≤ 2.6.0 - Arbitrary File Upload 漏洞描述 The WooCommerce Ultimate Gift Card plugin for WordPress is vulnerable to arbitrary ...

漏洞标题 CVE-2018-7422: WordPress Site Editor <=1.1.1 - Local File Inclusion 漏洞描述 WordPress Site Editor through 1.1.1 allows remote attackers to retrieve arbitrary files via...

漏洞标题 CVE-2012-6499: WordPress Plugin Age Verification v0.4 - Open Redirect 漏洞描述 Open redirect vulnerability in age-verification.php in the Age Verification plugin 0.4 and e...

漏洞标题 CVE-2017-18505: BestWebSoft's Twitter < 2.55 - Cross-Site Scripting 漏洞描述 The twitter-plugin plugin before 2.55 for WordPress has XSS. PoC代码

漏洞标题 CVE-2018-10201: Ncomputing vSPace Pro 10 and 11 - Directory Traversal 漏洞描述 Ncomputing vSpace Pro versions 10 and 11 suffer from a directory traversal vulnerability. Po...

漏洞标题 CVE-2021-21973: VMware vSphere - Server-Side Request Forgery 漏洞描述 VMware vSphere (HTML5) is susceptible to server-side request forgery due to improper validation of UR...

漏洞标题 CVE-2019-9874: Sitecore Experience Platform - Deserialization of Untrusted Data 漏洞描述 Sitecore Experience Platform before 8.2 Update-7 and 9.0 before Update-2 is vulner...

打开环境就只是提示，flag在哪里呢？，查看源代码，和网络加载都没有什么线索，只能扫一下目录，但是buu靶场一扫目录就429，难受，看了大佬的笔记，有一个git文件泄露。 git源码泄露，可以看看...

漏洞标题 Commvault /commandcenter/deployServiceCommcell.do 文件上传漏洞（CVE-2025-34028） 漏洞描述 Commvault是一款数据保护或网络弹性解决方案，为企业备份和复制套件。&nbsp;Commva...

漏洞标题 CVE-2018-16133: Cybrotech CyBroHttpServer 1.0.3 - Local File Inclusion 漏洞描述 Cybrotech CyBroHttpServer 1.0.3 is vulnerable to local file inclusion in the URI. PoC代码

漏洞标题 CVE-2025-49001: Dataease JWT 认证绕过漏洞 漏洞描述 CVE-2025-49001 是由于JWT校验机制错误导致攻击者可伪造JWT令牌绕过身份验证流程 fofa: body="/js/index-0.0.0-dataease.js...

漏洞标题 CVE-2023-39108: rConfig 3.9.4 - Server-Side Request Forgery 漏洞描述 rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_b parameter...

漏洞标题 CVE-2022-24260: VoipMonitor - Pre-Auth SQL Injection 漏洞描述 A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows attackers to escalate privileges to the...