最新发布第252页
CVE-2021-24838: WordPress AnyComment <0.3.5 - Open Redirect
漏洞标题 CVE-2021-24838: WordPress AnyComment <0.3.5 - Open Redirect 漏洞描述 WordPress AnyComment plugin before 0.3.5 contains an open redirect vulnerability via an API endpoin...
CVE-2025-5961: WordPress WPvivid Backup & Migration Plugin <= 0.9.116 - Authenticated Arbitrary File Upload
漏洞标题 CVE-2025-5961: WordPress WPvivid Backup & Migration Plugin <= 0.9.116 - Authenticated Arbitrary File Upload 漏洞描述 The Migration, Backup, Staging – WPvivid Backu...
CVE-2017-5521: Bypassing Authentication on NETGEAR Routers
漏洞标题 CVE-2017-5521: Bypassing Authentication on NETGEAR Routers 漏洞描述 NETGEAR routers before 6.0.10 allow remote attackers to bypass authentication and gain access to the ro...
CVE-2020-8191: Citrix ADC/Gateway – Cross-Site Scripting
漏洞标题 CVE-2020-8191: Citrix ADC/Gateway - Cross-Site Scripting 漏洞描述 Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70....
CVE-2021-22175: GitLab CI Lint API – Server-Side Request Forgery
漏洞标题 CVE-2021-22175: GitLab CI Lint API - Server-Side Request Forgery 漏洞描述 GitLab 10.5 and later contain a server-side request forgery caused by insecure handling of webhoo...
Atlassian Jira未授权访问 (CVE-2020-14179)
漏洞标题 Atlassian Jira未授权访问 (CVE-2020-14179) 漏洞描述 该漏洞源于Jira Server and DataCenter允许远程、未经身份验证的攻击者通过/secure/QueryComponent!Default中的一个信息泄露漏洞...
CVE-2016-10973: Brafton WordPress Plugin < 3.4.8 - Cross-Site Scripting
漏洞标题 CVE-2016-10973: Brafton WordPress Plugin < 3.4.8 - Cross-Site Scripting 漏洞描述 The Brafton plugin before 3.4.8 for WordPress has XSS via the wp-admin/admin.php?page=B...
CVE-2016-10976: Safe Editor Plugin < 1.2 - CSS/JS-injection
漏洞标题 CVE-2016-10976: Safe Editor Plugin < 1.2 - CSS/JS-injection 漏洞描述 The safe-editor plugin before 1.2 for WordPress has no se_save authentication, with resultant XSS. ...
CVE-2019-17233: WordPress Ultimate FAQs <= 1.8.24 – Unauthenticated HTML Content Injection
漏洞标题 CVE-2019-17233: WordPress Ultimate FAQs <= 1.8.24 – Unauthenticated HTML Content Injection 漏洞描述 Functions/EWD_UFAQ_Import.php in the ultimate-faqs plugin through 1...
CVE-2024-32231: Stash < 0.26.0 - SQL Injection
漏洞标题 CVE-2024-32231: Stash < 0.26.0 - SQL Injection 漏洞描述 Stash up to v0.25.1 was discovered to contain a SQL injection vulnerability via the sort parameter. PoC代码
Belkin N150 路径遍历(CVE-2014-2962)
漏洞标题 Belkin N150 路径遍历(CVE-2014-2962) 漏洞描述 固件版本低于1.00.08的Belkin N150 F9K1009 v1路由器上的webproccgi模块中存在路径遍历漏洞,远程攻击者可借助getpage参数中的完整路径...
CVE-2021-37292: KevinLAB BEMS (Building Energy Management System) – Backdoor Account
漏洞标题 CVE-2021-37292: KevinLAB BEMS (Building Energy Management System) - Backdoor Account 漏洞描述 KevinLAB BEMS has an undocumented backdoor account, and these sets of credent...
CVE-2021-34473: Exchange Server – Remote Code Execution
漏洞标题 CVE-2021-34473: Exchange Server - Remote Code Execution 漏洞描述 Microsoft Exchange Server is vulnerable to a remote code execution vulnerability. This CVE ID is unique fr...
Atlassian Confluence CVE-2023-22527 远程命令执行漏洞
漏洞标题 Atlassian Confluence CVE-2023-22527 远程命令执行漏洞 漏洞描述 Atlassian Confluence存在远程命令执行漏洞,此漏洞是对用户的数据缺乏校验导致的。 PoC代码 暂无
CVE-2023-24657: phpIPAM – 1.6 – Cross-Site Scripting
漏洞标题 CVE-2023-24657: phpIPAM - 1.6 - Cross-Site Scripting 漏洞描述 phpIPAM 1.6 contains a cross-site scripting vulnerability via the closeClass parameter at /subnet-masks/popup...
Adobe Coldfusion绕过身份验证(CVE-2023-26347)
漏洞标题 Adobe Coldfusion绕过身份验证(CVE-2023-26347) 漏洞描述 Adobe ColdFusion 版本2023.5 (及更早版本)和2021.11(及更早版本)存在不正确的访问控制漏洞,可能导致安全功能被绕过。未经身...





