漏洞标题 CVE-2012-4242: WordPress Plugin MF Gig Calendar 0.9.2 - Cross-Site Scripting 漏洞描述 A cross-site scripting vulnerability in the MF Gig Calendar plugin 0.9.2 for WordPres...

漏洞标题 CVE-2025-44177: White Star Software ProTop - Directory Traversal 漏洞描述 A directory traversal vulnerability was discovered in White Star Software Protop version 4.4.2-20...

漏洞标题 CVE-2018-12909: Webgrind fileviewer.phtml 任意文件读取漏洞 漏洞描述 Webgrind是一套PHP执行时间分析工具。其中Webgrind 1.5版本中存在安全漏洞，该漏洞源于程序依靠用户输入来显示...

漏洞标题 CVE-2020-21224: Inspur ClusterEngine 4.0 - Remote Code Execution 漏洞描述 Inspur ClusterEngine V4.0 is suscptible to a remote code execution vulnerability. A remote attack...

漏洞标题 CVE-2023-6023: VertaAI ModelDB - Path Traversal 漏洞描述 The endpoint "/api/v1/artifact/getArtifact?artifact_path=" is vulnerable to path traversal. The main cau...

漏洞标题 CVE-2023-27639: PrestaShop TshirteCommerce - Directory Traversal 漏洞描述 The Custom Product Designer (tshirtecommerce) module for PrestaShop allows HTTP requests to be fo...

漏洞标题 CVE-2020-14408: Agentejo Cockpit 0.10.2 - Cross-Site Scripting 漏洞描述 Agentejo Cockpit 0.10.2 contains a reflected cross-site scripting vulnerability due to insufficient...

漏洞标题 CVE-2019-9632: ESAFENET CDG - Arbitrary File Download 漏洞描述 ESAFENET CDG V3 and V5 has an arbitrary file download vulnerability via the fileName parameter in download.j...

漏洞标题 CVE-2022-21587: Oracle E-Business Suite 12.2.3 -12.2.11 - Remote Code Execution 漏洞描述 Oracle E-Business Suite 12.2.3 through 12.2.11 is susceptible to remote code execu...

漏洞标题 CVE-2021-26855: Microsoft Exchange Server Remote Code Execution 漏洞描述 Microsoft Exchange Server Remote Code Execution Vulnerability PoC代码

漏洞标题 Apache Nifi 信息泄露漏洞（CVE-2024-56512) 漏洞描述 ApacheNiFi是一款用于提取、转换和加载数据的软件工具。NiFi通过内置处理器集成了许多不同的数据类型和文件格式。通过集成FTL、S...

FOFA指纹：app='gitlab' curl -s http://git.huoxian.cn/api/v4/users/{userid} | jq 文字来源于- 火线 Zone-云安全社区，安全小天地只做文章分享，如有侵权，请联系站长删除

漏洞标题 CVE-2019-19824: TOTOLINK Realtek SD Routers - Remote Command Injection 漏洞描述 TOTOLINK Realtek SDK based routers may allow an authenticated attacker to execute arbitrary...

漏洞标题 CVE-2010-1878: Joomla! Component OrgChart 1.0.0 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the OrgChart (com_orgchart) component 1.0.0 for Joom...

3月20日，Lapsus$勒索软件团伙在Telegram上发布消息称已经成功入侵了微软的Azure DevOps服务器，并分享了微软内部源代码存储库的屏幕截图。其中一个存储库包含 Cortana 和Bing项目的源代码（例...

漏洞标题 CVE-2020-6287: SAP NetWeaver AS JAVA 7.30-7.50 - Remote Admin Addition 漏洞描述 SAP NetWeaver AS JAVA (LM Configuration Wizard), versions 7.30, 7.31, 7.40, 7.50, does not ...