漏洞标题 CVE-2016-10367: Opsview Monitor Pro - Local File Inclusion 漏洞描述 Opsview Monitor Pro prior to 5.1.0.162300841, prior to 5.0.2.27475, prior to 4.6.4.162391051, and 4.5.x...

漏洞标题 CVE-2021-42566: myfactory FMS - Cross-Site Scripting 漏洞描述 myfactory.FMS before 7.1-912 allows cross-site scripting via the Error parameter. PoC代码

漏洞标题 CVE-2021-24214: WordPress OpenID Connect Generic Client 3.8.0-3.8.1 - Cross-Site Scripting 漏洞描述 WordPress OpenID Connect Generic Client plugin 3.8.0 and 3.8.1 contains...

漏洞标题 Citrix ADC and Citrix Gateway CVE-2023-3519未授权远程代码执行漏洞 漏洞描述 Citrix ADC and Citrix Gateway存在远程代码执行漏洞，此漏洞是由于缺乏有效的校验导致的。 PoC代码 暂...

漏洞标题 CVE-2021-24838: WordPress AnyComment <0.3.5 - Open Redirect 漏洞描述 WordPress AnyComment plugin before 0.3.5 contains an open redirect vulnerability via an API endpoin...

漏洞标题 CVE-2020-5405: Spring Cloud Config - Local File Inclusion 漏洞描述 Spring Cloud Config versions 2.2.x prior to 2.2.2, 2.1.x prior to 2.1.7, and older unsupported versions ...

漏洞标题 CVE-2017-11107: phpLDAPadmin <= 1.2.3 - Reflected XSS 漏洞描述 phpLDAPadmin <= 1.2.3 contains a reflected cross-site scripting caused by unsanitized input in htdocs/...

漏洞标题 CVE-2024-27443: Zimbra Collaboration - Cross-Site Scripting (XSS) 漏洞描述 An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. A Cross-Site Scripting (XSS)...

漏洞标题 CVE-2013-2287: WordPress Plugin Uploader 1.0.4 - Cross-Site Scripting 漏洞描述 Multiple cross-site scripting vulnerabilities in views/notify.php in the Uploader plugin 1.0...

漏洞标题 CVE-2014-5368: WordPress Plugin WP Content Source Control - Directory Traversal 漏洞描述 A directory traversal vulnerability in the file_get_contents function in downloadf...

概览 本文你将看到： 基于 HTTP 的前端鉴权背景cookie 为什么是最方便的存储方案，有哪些操作 cookie 的方式session 方案是如何实现的，存在哪些问题token 方案是如何实现的，如何进行编码和防...

漏洞标题 CVE-2020-13927: Airflow Experimental <1.10.11 - REST API Auth Bypass 漏洞描述 Airflow's Experimental API prior 1.10.11 allows all API requests without authenticati...

漏洞标题 CVE-2018-3167: Oracle E-Business Suite - Blind SSRF 漏洞描述 Oracle E-Business Suite, Application Management Pack component (User Monitoring subcomponent), is susceptible ...

漏洞标题 CVE-2024-12209: WP Umbrella Update Backup Restore & Monitoring <= 2.17.0 - Local File Inclusion 漏洞描述 The WP Umbrella: Update Backup Restore & Monitoring plu...

漏洞标题 CVE-2014-6287: HTTP File Server <2.3c - Remote Command Execution 漏洞描述 HTTP File Server before 2.3c is susceptible to remote command execution. The findMacroMarker f...

漏洞标题 CVE-2020-0646: Microsoft .NET Framework - Remote Code Execution 漏洞描述 A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate i...