漏洞标题 CVE-2021-22175: GitLab CI Lint API - Server-Side Request Forgery 漏洞描述 GitLab 10.5 and later contain a server-side request forgery caused by insecure handling of webhoo...

漏洞标题 CVE-2018-17207: WordPress Duplicator Plugin < 1.2.42 - Arbitrary Code Execution 漏洞描述 An issue was discovered in Snap Creek Duplicator before 1.2.42. By accessing le...

漏洞标题 CVE-2023-25573: Metersphere - Arbitrary File Read 漏洞描述 Metersphere is an open source continuous testing platform. In affected versions an improper access control vulne...

漏洞标题 CVE-2023-52251: Kafka UI 0.7.1 Command Injection 漏洞描述 An issue discovered in provectus kafka-ui 0.4.0 through 0.7.1 allows remote attackers to execute arbitrary code v...

漏洞标题 CVE-2021-24316: WordPress Mediumish Theme <=1.0.47 - Cross-Site Scripting 漏洞描述 WordPress Mediumish theme 1.0.47 and prior contains an unauthenticated reflected cros...

漏洞标题 CVE-2018-7700: DedeCMS 5.7SP2 - Cross-Site Request Forgery/Remote Code Execution 漏洞描述 DedeCMS 5.7SP2 is susceptible to cross-site request forgery with a corresponding ...

漏洞标题 CVE-2023-43325: MooSocial 3.1.8 - Cross-Site Scripting 漏洞描述 A reflected cross-site scripting (XSS) vulnerability exisits in the data[redirect_url] parameter on user lo...

漏洞标题 CVE-2022-40022: Symmetricom SyncServer Unauthenticated - Remote Command Execution 漏洞描述 Microchip Technology (Microsemi) SyncServer S650 was discovered to contain a com...

漏洞标题 CVE-2023-5074: D-Link D-View 8 v2.0.1.28 - Authentication Bypass 漏洞描述 Use of a static key to protect a JWT token used in user authentication can allow an for an authen...

漏洞标题 CVE-2021-37292: KevinLAB BEMS (Building Energy Management System) - Backdoor Account 漏洞描述 KevinLAB BEMS has an undocumented backdoor account, and these sets of credent...

漏洞标题 CVE-2019-14696: Open-School 3.0/Community Edition 2.3 - Cross-Site Scripting 漏洞描述 Open-School 3.0, and Community Edition 2.3, allows cross-site scripting via the osv/i...

漏洞标题 CVE-2021-39320: WordPress Under Construction <1.19 - Cross-Site Scripting 漏洞描述 WordPress Under Construction plugin before 1.19 contains a cross-site scripting vulne...

漏洞标题 CVE-2021-24970: WordPress All-In-One Video Gallery <2.5.0 - Local File Inclusion 漏洞描述 WordPress All-in-One Video Gallery plugin before 2.5.0 is susceptible to local...

漏洞标题 CVE-2022-3590: WordPress <= 6.2 - Server Side Request Forgery 漏洞描述 WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a TOCT...

漏洞标题 CVE-2022-35413: WAPPLES Web Application Firewall <=6.0 - Hardcoded Credentials 漏洞描述 WAPPLES Web Application Firewall through 6.0 contains a hardcoded credentials vu...

漏洞标题 CVE-2023-5222: Viessmann Vitogate 300 - Hardcoded Password 漏洞描述 A critical vulnerability in Viessmann Vitogate 300 up to 2.1.3.0 allows attackers to authenticate using...