漏洞标题 CVE-2020-35749: WordPress Simple Job Board <2.9.4 - Local File Inclusion 漏洞描述 WordPress Simple Job Board prior to version 2.9.4 is vulnerable to arbitrary file retr...

漏洞标题 CVE-2021-20086: Odoo Apps - Cross-Site Scripting via Prototype Pollution 漏洞描述 jquery-bbq 1.2.1 contains a prototype pollution caused by improperly controlled modificat...

漏洞标题 CVE-2012-4253: MySQLDumper 1.24.4 - Directory Traversal 漏洞描述 Multiple directory traversal vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to read arbitrar...

漏洞标题 CVE-2018-7314: Joomla! Component PrayerCenter 3.0.2 - SQL Injection 漏洞描述 SQL Injection exists in the PrayerCenter 3.0.2 component for Joomla! via the sessionid paramet...

漏洞标题 CVE-2023-1315: osTicket < v1.16.6 - Cross-Site Scripting 漏洞描述 Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6. PoC代...

漏洞标题 CVE-2017-9791: Apache Struts2 S2-053 - Remote Code Execution 漏洞描述 Apache Struts 2.1.x and 2.3.x with the Struts 1 plugin might allow remote code execution via a malici...

漏洞标题 CVE-2009-4202: Joomla! Omilen Photo Gallery 0.5b - Local File Inclusion 漏洞描述 Joomla! Omilen Photo Gallery (com_omphotogallery) component Beta 0.5 allows remote attacke...

漏洞标题 CVE-2015-7780: ManageEngine Firewall Analyzer <8.0 - Local File Inclusion 漏洞描述 ManageEngine Firewall Analyzer before 8.0 is vulnerable to local file inclusion. PoC...

漏洞标题 CVE-2013-7240: WordPress Plugin Advanced Dewplayer 1.2 - Directory Traversal 漏洞描述 A directory traversal vulnerability in download-file.php in the Advanced Dewplayer pl...

漏洞标题 CVE-2022-47986: IBM Aspera Faspex <=4.4.2 PL1 - Remote Code Execution 漏洞描述 IBM Aspera Faspex through 4.4.2 Patch Level 1 is susceptible to remote code execution via...

漏洞标题 CVE-2010-1954: Joomla! Component iNetLanka Multiple root 1.0 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the iNetLanka Multiple root (com_multir...

漏洞标题 CVE-2024-4358: Progress Telerik Report Server - Authentication Bypass 漏洞描述 In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unau...

漏洞标题 CVE-2023-1119: WP-Optimize WordPress plugin < 3.2.13 - Cross-Site Scripting 漏洞描述 The WP-Optimize WordPress plugin before 3.2.13 and SrbTransLatin WordPress plugin b...

漏洞标题 Apache OFBiz CVE-2023-50968 服务端请求伪造漏洞 漏洞描述 Apache OFBiz存在服务器端请求伪造漏洞。此漏洞是由于对requiredLabel参数缺乏校验导致的。 PoC代码 暂无

漏洞标题 CVE-2019-2578: Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - Broken Access Control 漏洞描述 Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 suffers from broken...

相关阅读 图文讲解 原理分析 其实我们要写的脚本本质上就是一个加密程序，将文件内容通过Fernet算法进行加密，然后生成key，后面我们可以通过key在进行解密，这个过程是不是像极了勒索的场面…...