漏洞标题 CVE-2020-13405: Microweber <1.1.20 - Information Disclosure 漏洞描述 Microweber before 1.1.20 is susceptible to information disclosure via userfiles/modules/users/contr...

漏洞标题 CVE-2025-53364: Parse Server - GraphQL Schema Information Disclosure 漏洞描述 The Parse Server GraphQL API previously allowed public access to the GraphQL schema without r...

漏洞标题 CVE-2016-1000148: WordPress S3 Video <=0.983 - Cross-Site Scripting 漏洞描述 WordPress S3 Video and before contains a reflected cross-site scripting vulnerability which...

漏洞标题 CVE-2016-9299: Jenkins CLI - HTTP Java Deserialization 漏洞描述 The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitra...

漏洞标题 CVE-2021-24288: WordPress AcyMailing <7.5.0 - Open Redirect 漏洞描述 WordPress AcyMailing plugin before 7.5.0 contains an open redirect vulnerability due to improper sa...

漏洞标题 CVE-2025-34023: Karel IP Phone IP1211 Web Management Panel - Local File Inclusion 漏洞描述 Karel IP Phone IP1211 Web Management Panel is vulnerable to local file inclusion...

漏洞标题 CVE-2015-2755: WordPress AB Google Map Travel <=3.4 - Stored Cross-Site Scripting 漏洞描述 WordPress AB Google Map Travel plugin through 3.4 contains multiple stored cr...

漏洞标题 Apache OFBiz webtools/control/xmlrpc 远程代码执行漏洞（CVE-2023-49070） 漏洞描述 Apache OFBiz是一个开源的企业资源规划（ERP）系统，提供了多种商业功能和模块。Apache OFBiz 在...

漏洞标题 CVE-2017-18562: Error Log Viewer by BestWebSoft < 1.0.6 - Cross-Site Scripting 漏洞描述 The error-log-viewer plugin before 1.0.6 for WordPress has multiple XSS issues. ...

漏洞标题 CVE-2020-12832: WordPress Simple File List - Path Traversal 漏洞描述 Simple File List plugin allows path traversal via file upload, enabling files to be written outside th...

漏洞标题 CVE-2023-47248: PyArrow Flight RPC - Remote Code Execution 漏洞描述 PyArrow Flight RPC from v0.14.0 through v14.0.0 allows remote attackers to execute arbitrary code via a...

漏洞标题 CVE-2022-1007: WordPress Advanced Booking Calendar <1.7.1 - Cross-Site Scripting 漏洞描述 WordPress Advanced Booking Calendar plugin before 1.7.1 contains a cross-site ...

漏洞标题 (CVE-2023-3765) MLflow 绝对路径遍历漏洞 漏洞描述 (CVE-2023-3765) MLflow 绝对路径遍历漏洞 PoC代码 暂无

漏洞标题 CData Sync CVE-2024-31851 路径遍历漏洞 漏洞描述 CData sync存在路径遍历漏洞，此漏洞是由于/ui/接口对用户的请求验证不当造成的。 PoC代码 暂无

漏洞标题 CVE-2025-26319: FlowiseAI Flowise <= 2.2.6 - Arbitrary File Upload 漏洞描述 FlowiseAI Flowise version 2.2.6 and below contains an arbitrary file upload vulnerability in...

漏洞标题 CVE-2024-10486: Google for WooCommerce <= 2.8.6 - Information Disclosure via Publicly Accessible PHP Info File 漏洞描述 The Google for WooCommerce plugin for WordPress ...