漏洞标题 CVE-2016-1000128: WordPress anti-plagiarism <=3.60 - Cross-Site Scripting 漏洞描述 WordPress anti-plagiarism 3.6.0 and prior are vulnerable to reflected cross-site scri...

漏洞标题 CVE-2022-4328: WooCommerce Checkout Field Manager < 18.0 - Arbitrary File Upload 漏洞描述 The WooCommerce Checkout Field Manager WordPress plugin before 18.0 does not v...

漏洞标题 CVE-2025-49844: Redis Lua Parser < 8.2.2 - Use After Free 漏洞描述 Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an ...

漏洞标题 CVE-2019-17233: WordPress Ultimate FAQs <= 1.8.24 – Unauthenticated HTML Content Injection 漏洞描述 Functions/EWD_UFAQ_Import.php in the ultimate-faqs plugin through 1...

漏洞标题 CVE-2024-9487: GitHub Enterprise - SAML Authentication Bypass 漏洞描述 An improper verification of cryptographic signature vulnerability was identified in GitHub Enterpris...

漏洞标题 CVE-2018-11759: Apache Tomcat JK Connect <=1.2.44 - Manager Access 漏洞描述 Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 allows specially constructed requests to...

漏洞标题 CVE-2024-6646: Netgear-WN604 downloadFile.php - Information Disclosure 漏洞描述 There is an information leakage vulnerability in the downloadFile.php interface of Netgear ...

漏洞标题 CVE-2018-12909: Webgrind fileviewer.phtml 任意文件读取漏洞 漏洞描述 Webgrind是一套PHP执行时间分析工具。其中Webgrind 1.5版本中存在安全漏洞，该漏洞源于程序依靠用户输入来显示...

漏洞标题 CVE-2021-39320: WordPress Under Construction <1.19 - Cross-Site Scripting 漏洞描述 WordPress Under Construction plugin before 1.19 contains a cross-site scripting vulne...

漏洞标题 CVE-2021-21234: Spring Boot Actuator Logview Directory Traversal 漏洞描述 spring-boot-actuator-logview before version 0.2.13 contains a directory traversal vulnerability i...

漏洞标题 CVE-2014-1841: Titan FTP Server < 10.40 Move Function - Directory Traversal 漏洞描述 Titan FTP Server versions prior to 10.40 build 1829 contain a directory traversal v...

漏洞标题 CVE-2016-4977: Spring Security OAuth2 Remote Command Execution 漏洞描述 Spring Security OAuth versions 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5 contain a remote command execution...

漏洞标题 CVE-2020-22165: PHPGurukul Hospital Management System 4.0 - SQL Injection 漏洞描述 PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \...

漏洞标题 CVE-2020-24312: WordPress Plugin File Manager (wp-file-manager) Backup Disclosure 漏洞描述 mndpsingh287 WP File Manager v6.4 and lower fails to restrict external access to...

漏洞标题 CVE-2019-9881: WPEngine WPGraphQL 0.2.3 - Unauthenticated Comment Posting 漏洞描述 The createComment mutation in the WPGraphQL 0.2.3 plugin for WordPress allows unauthenti...

升级远程 shell（仅限 Unix 机器） 通常，在通过 nc 捕获 shell 之后，会在一个功能非常有限的 shell 中。例如没有命令历史记录（并使用向上“”和“向下”箭头循环浏览它们）和文件名称、命令...