漏洞标题 CVE-2025-30567: WordPress WP01 - Path Traversal 漏洞描述 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in wp01ru W...

漏洞标题 CVE-2025-55182: React Server Components - Remote Code Execution 漏洞描述 React Server Components 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including react-server-dom-parcel, reac...

漏洞标题 CVE-2020-29047: WP Hotel Booking < 1.10.4 - PHP Object Injection 漏洞描述 The wp-hotel-booking plugin through 1.10.2 for WordPress allows remote attackers to execute ar...

漏洞标题 CVE-2025-6970: WordPress Events Manager <= 7.0.3 - SQL Injection 漏洞描述 The Events Manager - Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable...

漏洞标题 CVE-2024-38653: Ivanti Avalanche SmartDeviceServer - XML External Entity 漏洞描述 XXE in SmartDeviceServer in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attack...

漏洞标题 CVE-2022-1904: WordPress Easy Pricing Tables <3.2.1 - Cross-Site Scripting 漏洞描述 WordPress Easy Pricing Tables plugin before 3.2.1 contains a reflected cross-site sc...

漏洞标题 CVE-2014-4210: Oracle Weblogic - Server-Side Request Forgery 漏洞描述 An unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0...

漏洞标题 CVE-2019-16057: D-Link DNS-320 - Remote Code Execution 漏洞描述 The login_mgr.cgi script in D-Link DNS-320 through 2.05.B10 is vulnerable to remote command injection. PoC...

漏洞标题 chamilo model.ajax.php 存在sql注入漏洞 (CVE-2021-34187) 漏洞描述 Chamilo是一个开源的在线学习管理系统（LMS），用于创建和管理在线课程、培训和考试。它提供了一个完整的学习环境...

漏洞标题 CVE-2022-34753: SpaceLogic C-Bus Home Controller <=1.31.460 - Remote Command Execution 漏洞描述 SpaceLogic C-Bus Home Controller through 1.31.460 is susceptible to remo...

漏洞标题 CVE-2024-40711: Veeam Backup & Replication - Unauthenticated 漏洞描述 A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthent...

漏洞标题 CVE-2021-39320: WordPress Under Construction <1.19 - Cross-Site Scripting 漏洞描述 WordPress Under Construction plugin before 1.19 contains a cross-site scripting vulne...

漏洞标题 CVE-2004-1602: ProFTPD 1.2.x - Username Enumeration via Timing Attack 漏洞描述 ProFTPD versions 1.2.x (including 1.2.8 and 1.2.10) are vulnerable to timing attacks that al...

漏洞标题 CVE-2024-10486: Google for WooCommerce <= 2.8.6 - Information Disclosure via Publicly Accessible PHP Info File 漏洞描述 The Google for WooCommerce plugin for WordPress ...

漏洞标题 CVE-2012-4940: Axigen Mail Server Filename Directory Traversal 漏洞描述 Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Se...

漏洞标题 CVE-2020-11441: phpMyAdmin 5.0.2 - CRLF Injection 漏洞描述 phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astring%0D%0A inputs to login form fields causin...