漏洞标题 CVE-2024-7714: AI Assistant with ChatGPT by AYS <= 2.0.9 - Unauthenticated AJAX Calls 漏洞描述 The plugin lacks sufficient access controls allowing an unauthenticated u...

漏洞标题 CVE-2021-25008: The Code Snippets WordPress Plugin < 2.14.3 - Cross-Site Scripting 漏洞描述 The Wordpress plugin Code Snippets before 2.14.3 does not escape the snippet...

漏洞标题 CVE-2022-2168: WordPress Download Manager < 3.2.44 - Authenticated Cross-Site Scripting 漏洞描述 The WordPress Download Manager plugin before version 3.2.44 does not pr...

漏洞标题 CVE-2023-34843: Traggo Server - Local File Inclusion 漏洞描述 traggo/server version 0.3.0 is vulnerable to directory traversal. PoC代码

漏洞报告 【Judge.me 】The response shows the nginx version http://hackerone.com/reports/1395068 【Slack 250刀】Cross-site leak allows attacker to de-anonymize members of his team f...

漏洞标题 CVE-2022-0817: WordPress BadgeOS <=3.7.0 - SQL Injection 漏洞描述 WordPress BadgeOS plugin through 3.7.0 contains a SQL injection vulnerability. It does not sanitize an...

漏洞标题 CVE-2025-54125: XWiki XML View - Sensitive Information Exposure 漏洞描述 A vulnerability in XWiki's XML view functionality exposes sensitive information such as passw...

漏洞标题 Apache OFBiz /viewdatafile 代码执行漏洞（CVE-2024-45195） 漏洞描述 Apache OFBiz是一个开源企业资源规划（ERP）系统。它提供了一套企业应用程序，集成并自动化企业的许多业务流程...

漏洞标题 CVE-2018-6605: Joomla Ext zhbaidumap sql inject 漏洞描述 Joomla Ext zhbaidumap sql inject fofa: app="Joomla" shodan: http.html:"Joomla" PoC代码

漏洞标题 CVE-2023-24657: phpIPAM - 1.6 - Cross-Site Scripting 漏洞描述 phpIPAM 1.6 contains a cross-site scripting vulnerability via the closeClass parameter at /subnet-masks/popup...

漏洞标题 CVE-2015-4666: Xceedium Xsuite <=2.4.4.5 - Local File Inclusion 漏洞描述 Xceedium Xsuite 2.4.4.5 and earlier is vulnerable to local file inclusion via opm/read_sessionl...

漏洞标题 CVE-2020-20300: WeiPHP 5.0 - SQL Injection 漏洞描述 WeiPHP 5.0 contains a SQL injection vulnerability via the wp_where function. An attacker can possibly obtain sensitive ...

漏洞标题 CVE-2010-2507: Joomla! Component Picasa2Gallery 1.2.8 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the Picasa2Gallery (com_picasa2gallery) compon...

漏洞标题 CVE-2019-12583: Zyxel ZyWall UAG/USG - Account Creation Access 漏洞描述 Zyxel UAG, USG, and ZyWall devices allows a remote attacker to generate guest accounts by directly ...

漏洞标题 CVE-2025-34045: WeiPHP 5.0 - Path Traversal 漏洞描述 WeiPHP 5.0 contains a path traversal caused by insufficient input validation of the picUrl parameter in /public/index....

漏洞标题 CVE-2016-3510: Oracle WebLogic Server Java Object Deserialization - Remote Code Execution 漏洞描述 Unspecified vulnerability in the Oracle WebLogic Server component in Ora...