漏洞标题 CVE-2020-9484: Apache Tomcat Remote Command Execution 漏洞描述 When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7...

漏洞标题 CVE-2020-6308: SAP BusinessObjects Business Intelligence Platform - Blind Server-Side Request Forgery 漏洞描述 SAP BusinessObjects Business Intelligence Platform (Web Serv...

漏洞标题 CVE-2020-16846: SaltStack Shell Injection 漏洞描述 An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH clien...

漏洞标题 CVE-2020-13117: Wavlink Multiple AP - Remote Command Injection 漏洞描述 Wavlink products are affected by a vulnerability that may allow remote unauthenticated users to exe...

漏洞标题 CVE-2020-36708: WordPress Epsilon Framework Themes <=2.4.8 - Remote Code Execution 漏洞描述 WordPress themes including Shapely <= 1.2.7, NewsMag <= 2.4.1, Activel...

漏洞标题 CVE-2020-11547: PRTG Network Monitor <20.1.57.1745 - Information Disclosure 漏洞描述 PRTG Network Monitor before 20.1.57.1745 is susceptible to information disclosure. ...

漏洞标题 CVE-2020-5412: Spring Cloud Netflix - Server-Side Request Forgery 漏洞描述 Spring Cloud Netflix 2.2.x prior to 2.2.4, 2.1.x prior to 2.1.6, and older unsupported versions ...

漏洞标题 CVE-2020-26413: Gitlab CE/EE 13.4 - 13.6.2 - Information Disclosure 漏洞描述 GitLab CE and EE 13.4 through 13.6.2 is susceptible to Information disclosure via GraphQL. Use...

漏洞标题 CVE-2020-29279: 74CMS - Remote File Inclusion 漏洞描述 PHP remote file inclusion in the assign_resume_tpl method in Application/Common/Controller/BaseController.class.php ...

漏洞标题 CVE-2020-5307: PHPGurukul Dairy Farm Shop Management System 1.0 - SQL Injection 漏洞描述 PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, a...

漏洞标题 CVE-2020-36731: Flexible Checkout Fields for WooCommerce <= 2.3.1 - Unauthenticated Arbitrary Plugin Settings Update 漏洞描述 The Flexible Checkout Fields for WooCommer...

漏洞标题 CVE-2020-35713: Belkin Linksys RE6500 <1.0.012.001 - Remote Command Execution 漏洞描述 Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execut...

漏洞标题 CVE-2020-7961: Liferay Portal RCE 反序列化命令执行漏洞 漏洞描述 Liferay Portal CE是一款用来快速构建网站的开源系统。其7.2.0 GA1及以前的版本API接口中存在一处反序列化漏洞，利...

漏洞标题 CVE-2020-11738: WordPress Duplicator 1.3.24 & 1.3.26 - Local File Inclusion 漏洞描述 WordPress Duplicator 1.3.24 & 1.3.26 are vulnerable to local file inclusion vu...

漏洞标题 CVE-2020-12054: WordPress Catch Breadcrumb <1.5.4 - Cross-Site Scripting 漏洞描述 WordPress Catch Breadcrumb plugin before 1.5.4 contains a reflected cross-site scripti...

漏洞标题 CVE-2020-13379: Grafana 3.0.1-7.0.1 - Server-Side Request Forgery 漏洞描述 Grafana 3.0.1 through 7.0.1 is susceptible to server-side request forgery via the avatar feature...