漏洞标题 CVE-2010-0972: Joomla! Component com_gcalendar Suite 2.1.5 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the GCalendar (com_gcalendar) component 2...

漏洞标题 CVE-2019-16313: ifw8 Router ROM v4.31 - Credential Discovery 漏洞描述 ifw8 Router ROM v4.31 is vulnerable to credential disclosure via action/usermanager.htm HTML source c...

漏洞标题 CVE-2019-10758: mongo-express Remote Code Execution 漏洞描述 mongo-express before 0.54.0 is vulnerable to remote code execution via endpoints that uses the `toBSON` method...

漏洞标题 CVE-2020-35951: Wordpress Quiz and Survey Master <7.0.1 - Arbitrary File Deletion 漏洞描述 Wordpress Quiz and Survey Master <7.0.1 allows users to delete arbitrary f...

漏洞标题 CVE-2024-33288: Prison Management System - SQL Injection Authentication Bypass 漏洞描述 Sql injection vulnerability was found on the login page in Prison Management System...

漏洞标题 CVE-2021-46424: Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Delete 漏洞描述 Telesquare TLR-2005KSH 1.0.0 is affected by an arbitrary file deletion vulnerability that all...

漏洞标题 CVE-2021-28854: VICIdial Sensitive Information Disclosure 漏洞描述 VICIdial's Web Client is susceptible to information disclosure because it contains many sensitive f...

漏洞标题 CVE-2014-8739: WordPress Sexy Contact Form (<= 0.9.7) - Arbitrary File Upload 漏洞描述 Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQu...

漏洞标题 CVE-2021-31682: WebCTRL OEM <= 6.5 - Cross-Site Scripting 漏洞描述 WebCTRL OEM 6.5 and prior is susceptible to a cross-site scripting vulnerability because the login po...

漏洞标题 CVE-2019-14696: Open-School 3.0/Community Edition 2.3 - Cross-Site Scripting 漏洞描述 Open-School 3.0, and Community Edition 2.3, allows cross-site scripting via the osv/i...

漏洞标题 CVE-2020-29395: Wordpress EventON Calendar 3.0.5 - Cross-Site Scripting 漏洞描述 Wordpress EventON Calendar 3.0.5 is vulnerable to cross-site scripting because it allows a...

漏洞标题 CVE-2021-38146: Wipro Holmes Orchestrator 20.4.1 - Arbitrary File Download 漏洞描述 The File Download API in Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows re...

漏洞标题 CVE-2022-1768: WordPress RSVPMaker <=9.3.2 - SQL Injection 漏洞描述 WordPress RSVPMaker plugin through 9.3.2 contains a SQL injection vulnerability due to insufficient ...

漏洞标题 CVE-2023-0948: WordPress Japanized for WooCommerce <2.5.8 - Cross-Site Scripting 漏洞描述 WordPress Japanized for WooCommerce plugin before 2.5.8 is susceptible to cros...

漏洞标题 CVE-2024-1061: WordPress HTML5 Video Player - SQL Injection 漏洞描述 WordPress HTML5 Video Player plugin is vulnerable to SQL injection. An unauthenticated attacker can ex...

漏洞标题 chamilo model.ajax.php 存在sql注入漏洞 (CVE-2021-34187) 漏洞描述 Chamilo是一个开源的在线学习管理系统（LMS），用于创建和管理在线课程、培训和考试。它提供了一个完整的学习环境...