漏洞标题 CVE-2021-22707: EVlink City < R8 V3.4.0.1 - Authentication Bypass 漏洞描述 A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City (EVC1S22P4 / EVC...

漏洞标题 CVE-2020-13927: Airflow Experimental <1.10.11 - REST API Auth Bypass 漏洞描述 Airflow's Experimental API prior 1.10.11 allows all API requests without authenticati...

漏洞标题 CVE-2024-50623: Cleo Synchronization 任意文件读取 漏洞描述 Cleo Synchronization 存在任意文件读取漏洞，攻击者可通过构造恶意请求获取服务器上的任意文件内容。 fofa: server=&qu...

漏洞标题 CVE-2019-1003000: Jenkins Script Security Plugin <=1.49 - Sandbox Bypass 漏洞描述 A sandbox bypass vulnerability exists in the Jenkins Script Security Plugin (versions ...

漏洞标题 CVE-2018-13379: Fortinet FortiOS - Credentials Disclosure 漏洞描述 Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8...

漏洞标题 CVE-2023-20889: VMware Aria Operations for Networks - Code Injection Information Disclosure Vulnerability 漏洞描述 Aria Operations for Networks contains an information dis...

漏洞标题 CVE-2016-3081: Apache S2-032 Struts RCE 漏洞描述 Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invocation is enabled, all...

漏洞标题 CVE-2022-0968: Microweber <1.2.12 - Integer Overflow 漏洞描述 Microweber before 1.2.12 is susceptible to integer overflow. The application allows large characters to in...

漏洞标题 Atlassian Jira XSS(CVE-2018-20824) 漏洞描述 Jira7.13.1版本之前的WallboardServlet资源允许远程攻击者通过cyclePeriod参数中的跨站点脚本漏洞注入任意HTML或JavaScript。 PoC代码 ...

漏洞标题 CVE-2020-5777: Magento Mass Importer <0.7.24 - Remote Auth Bypass 漏洞描述 Magento Mass Importer (aka MAGMI) versions prior to 0.7.24 are vulnerable to a remote authent...

漏洞标题 CVE-2021-29622: Prometheus - Open Redirect 漏洞描述 Prometheus 2.23.0 through 2.26.0 and 2.27.0 contains an open redirect vulnerability. To ensure a seamless transition to...

漏洞标题 CVE-2023-22952: SugarCRM Unauthenticated - Remote Code Execution 漏洞描述 In SugarCRM before 12.0. Hotfix 91155, a crafted request can inject custom PHP code through the E...

漏洞标题 CVE-2021-35250: SolarWinds Serv-U 15.3 - Directory Traversal 漏洞描述 SolarWinds Serv-U 15.3 is susceptible to local file inclusion, which may allow an attacker access to ...

漏洞标题 CVE-2019-0604: Microsoft SharePoint - Remote Code Execution 漏洞描述 Microsoft SharePoint contains a remote code execution caused by failure to check the source markup of ...

漏洞标题 CVE-2021-46005: Sourcecodester Car Rental Management System 1.0 - Stored Cross-Site Scripting 漏洞描述 Sourcecodester Car Rental Management System 1.0 is vulnerable to cro...

漏洞标题 CVE-2020-25223: Sophos UTM Preauth - Remote Code Execution 漏洞描述 Sophos SG UTMA WebAdmin is susceptible to a remote code execution vulnerability in versions before v9.7...