漏洞标题 CVE-2015-1000012: WordPress MyPixs <=0.3 - Local File Inclusion 漏洞描述 WordPress MyPixs 0.3 and prior contains a local file inclusion vulnerability. PoC代码

漏洞标题 CVE-2016-10940: WordPress zm-gallery plugin 1.0 SQL Injection 漏洞描述 zm-gallery plugin 1.0 for WordPress is susceptible to SQL injection via the order parameter. PoC代码

漏洞标题 CVE-2024-58136: Yii2 PHP Framework < 2.0.52 - Remote Code Execution 漏洞描述 Yii2 PHP Framework before 2.0.52 is vulnerable to remote code execution via improper valida...

漏洞标题 CVE-2021-25094: Wordpress Tatsubuilder <= 3.3.11 - Remote Code Execution 漏洞描述 An unrestricted file upload in WordPress Tatsubuilder plugin version <= 3.3.11 enab...

漏洞标题 CVE-2021-41460: ECShop 4.1.0 - SQL Injection 漏洞描述 ECShop 4.1.0 has SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information. Po...

漏洞标题 CVE-2013-4117: WordPress Plugin Category Grid View Gallery 2.3.1 - Cross-Site Scripting 漏洞描述 A cross-site scripting vulnerability in includes/CatGridPost.php in the Ca...

漏洞标题 CVE-2021-41773: Apache 2.4.49 - Path Traversal and Remote Code Execution 漏洞描述 A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An ...

漏洞标题 CVE-2021-24214: WordPress OpenID Connect Generic Client 3.8.0-3.8.1 - Cross-Site Scripting 漏洞描述 WordPress OpenID Connect Generic Client plugin 3.8.0 and 3.8.1 contains...

漏洞标题 CVE-2018-17153: Western Digital MyCloud NAS - Authentication Bypass 漏洞描述 It was discovered that the Western Digital My Cloud device before 2.30.196 is affected by an a...

漏洞标题 CVE-2021-24681: Duplicate Page WordPress - Stored Cross-Site Scripting 漏洞描述 Duplicate Page WordPress plugin <= 4.4.2 contains a stored cross-site scripting caused b...

漏洞标题 CVE-2021-24165: WordPress Ninja Forms <3.4.34 - Open Redirect 漏洞描述 WordPress Ninja Forms plugin before 3.4.34 contains an open redirect vulnerability via the wp_aja...

漏洞标题 CVE-2024-13726: Themes Coder Ecommerce <= 1.3.4 - SQL Injection 漏洞描述 The Themes Coder Ecommerce WordPress plugin through 1.3.4 does not properly sanitise and escape...

漏洞标题 CVE-2023-4450: JeecgBoot JimuReport - Template injection 漏洞描述 A vulnerability was found in jeecgboot JimuReport up to 1.6.0. It has been declared as critical. Affected...

漏洞标题 CVE-2025-58434: Flowise <= 3.0.5 - Account Takeover 漏洞描述 Flowise versions 3.0.5 and earlier had a vulnerability in the forgot-password endpoint, which returned vali...

漏洞标题 Apache Struts2(S2-001)远程代码执行漏洞(CVE-2007-4556) 漏洞描述 在Struts2 WebWork 2.1+ 和 Struts 2 的“altSyntax”功能允许将 OGNL表达式插入到文本字符串中并进行递归处理。这...

漏洞标题 CVE-2017-9791: Apache Struts2 S2-053 - Remote Code Execution 漏洞描述 Apache Struts 2.1.x and 2.3.x with the Struts 1 plugin might allow remote code execution via a malici...