最新发布第201页
Argo CD未经身份验证访问敏感设置(CVE-2024-37152)
漏洞标题 Argo CD未经身份验证访问敏感设置(CVE-2024-37152) 漏洞描述 Argo CD 是用于 Kubernetes 的声明式 GitOps 持续交付工具。该漏洞允许未经身份验证访问 /api/v1/settings端点公开的敏感...
CVE-2022-44957: WebTareas 2.4p5 – Cross-Site Scripting
漏洞标题 CVE-2022-44957: WebTareas 2.4p5 - Cross-Site Scripting 漏洞描述 webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /clie...
Apache OFBiz CVE-2018-8033 XML外部实体注入漏洞
漏洞标题 Apache OFBiz CVE-2018-8033 XML外部实体注入漏洞 漏洞描述 Apache OFBiz存在XML外部实体注入漏洞,此漏洞是由于httpService接口对用户的请求验证不当导致的。 PoC代码 暂无
CVE-2025-51502: Microweber CMS 2.0 – Reflected XSS in Admin Page Creation
漏洞标题 CVE-2025-51502: Microweber CMS 2.0 - Reflected XSS in Admin Page Creation 漏洞描述 Reflected Cross-Site Scripting (XSS) exists in Microweber CMS 2.0 through the layout par...
CVE-2021-24917: WordPress WPS Hide Login <1.9.1 - Information Disclosure
漏洞标题 CVE-2021-24917: WordPress WPS Hide Login <1.9.1 - Information Disclosure 漏洞描述 WordPress WPS Hide Login plugin before 1.9.1 is susceptible to incorrect authorization...
CVE-2010-20103: ProFTPd-1.3.3c – Backdoor Command Execution
漏洞标题 CVE-2010-20103: ProFTPd-1.3.3c - Backdoor Command Execution 漏洞描述 ProFTPD 1.3.3c contains a command injection backdoor caused by a hidden FTP command trigger in the sou...
CVE-2009-0932: Horde/Horde Groupware – Local File Inclusion
漏洞标题 CVE-2009-0932: Horde/Horde Groupware - Local File Inclusion 漏洞描述 Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 are susceptible to local file inclusion ...
CVE-2022-2627: WordPress Newspaper < 12 - Cross-Site Scripting
漏洞标题 CVE-2022-2627: WordPress Newspaper < 12 - Cross-Site Scripting 漏洞描述 WordPress Newspaper theme before 12 is susceptible to cross-site scripting. The does not sanitiz...
CVE-2022-29383: NETGEAR ProSafe SSL VPN firmware – SQL Injection
漏洞标题 CVE-2022-29383: NETGEAR ProSafe SSL VPN firmware - SQL Injection 漏洞描述 NETGEAR ProSafe SSL VPN multiple firmware versions were discovered to contain a SQL injection vul...
CVE-2023-35161: XWiki >= 6.2-milestone-1 – Cross-Site Scripting
漏洞标题 CVE-2023-35161: XWiki >= 6.2-milestone-1 - Cross-Site Scripting 漏洞描述 XWiki Platform is a generic wiki platform offering runtime services for applications built on t...
CVE-2025-37164: HPE OneView – Remote Code Execution
漏洞标题 CVE-2025-37164: HPE OneView - Remote Code Execution 漏洞描述 HPE OneView contains a remote code execution vulnerability, letting remote attackers execute arbitrary code, e...
CVE-2023-35844: Lightdash Arbitrary File Read
漏洞标题 CVE-2023-35844: Lightdash Arbitrary File Read 漏洞描述 Lightdash是一款数据分析平台,它可以让数据团队和其他业务部门聚集在一起以做出更好的数据驱动决策 Lightdash 0.510.3之前...
Casdoor 1.13.0-SQL注入(CVE-2022-24124)
漏洞标题 Casdoor 1.13.0-SQL注入(CVE-2022-24124) 漏洞描述 Casdoor 是一个基于 OAuth 2.0 / OIDC 的 UI 优先集中认证 / 单点登录 (SSO) 平台。该平台存在sql注入漏洞 PoC代码 暂无
CVE-2022-29455-headless: WordPress Elementor Website Builder <= 3.5.5 - DOM Cross-Site Scripting
漏洞标题 CVE-2022-29455-headless: WordPress Elementor Website Builder <= 3.5.5 - DOM Cross-Site Scripting 漏洞描述 WordPress Elementor Website Builder plugin 3.5.5 and prior con...
CVE-2010-1469: Joomla! Component JProject Manager 1.0 – Local File Inclusion
漏洞标题 CVE-2010-1469: Joomla! Component JProject Manager 1.0 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the Ternaria Informatica JProject Manager (com...
CVE-2019-1003000: Jenkins Script Security Plugin <=1.49 - Sandbox Bypass
漏洞标题 CVE-2019-1003000: Jenkins Script Security Plugin <=1.49 - Sandbox Bypass 漏洞描述 A sandbox bypass vulnerability exists in the Jenkins Script Security Plugin (versions ...





