漏洞标题 CVE-2022-1020: WordPress WooCommerce <3.1.2 - Arbitrary Function Call 漏洞描述 WordPress WooCommerce plugin before 3.1.2 does not have authorisation and CSRF checks in ...

漏洞标题 CVE-2023-48241: XWiki < 4.10.15 - Information Disclosure 漏洞描述 The Solr-based search suggestion provider that also duplicates as generic JavaScript API for search re...

漏洞标题 CVE-2020-15920: Mida eFramework <=2.9.0 - Remote Command Execution 漏洞描述 Mida eFramework through 2.9.0 allows an attacker to achieve remote code execution with admin...

漏洞标题 Apache Tomcat Ajp webapp 任意文件读取漏洞(CVE-2020-1938) 漏洞描述 ApacheTomcat会开启AJP连接器,方便与其他Web服务器通过AJP协议进行交互。由于Tomcat本身也内含了HTTP服务器，因...

漏洞标题 CVE-2022-45362: WordPress Paytm Payment Gateway <=2.7.0 - Server-Side Request Forgery 漏洞描述 WordPress Paytm Payment Gateway plugin through 2.7.0 contains a server-si...

漏洞标题 CVE-2021-22122: FortiWeb - Cross Site Scripting 漏洞描述 FortiWeb 6.3.0 through 6.3.7 and versions before 6.2.4 contain an unauthenticated cross-site scripting vulnerabili...

漏洞标题 CVE-2019-11510: Pulse Connect Secure SSL VPN Arbitrary File Read 漏洞描述 Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9...

漏洞标题 CVE-2018-10942: Prestashop AttributeWizardPro Module - Arbitrary File Upload 漏洞描述 In the Attribute Wizard addon 1.6.9 for PrestaShop allows remote attackers to execute...

漏洞标题 CVE-2020-24312: WordPress Plugin File Manager (wp-file-manager) Backup Disclosure 漏洞描述 mndpsingh287 WP File Manager v6.4 and lower fails to restrict external access to...

漏洞标题 CVE-2023-6875: WordPress POST SMTP Mailer <= 2.8.7 - Authorization Bypass 漏洞描述 The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP ...

漏洞标题 CVE-2018-7662: Couchcms 2.0 Dictionary Disclosure 漏洞描述 Couchcms 2.0 Dictionary Disclosure fofa: app="Couchcms" shodan: http.html:"Couchcms" PoC代码

漏洞标题 Apache Solr 环境变量信息泄漏漏洞(CVE-2023-50290) 漏洞描述 Apache Solr 是一款开源搜索引擎。自Apache Solr 9.0.0起，由于 Solr Metrics API默认输出所有未单独配置保护策略的环境...

漏洞标题 CVE-2024-57514: TP-Link Archer A20 v3 Router - Cross-site Scripting 漏洞描述 The TP-Link Archer A20 v3 router is vulnerable to Cross-site Scripting (XSS) due to improper h...

漏洞标题 CVE-2025-6970: WordPress Events Manager <= 7.0.3 - SQL Injection 漏洞描述 The Events Manager - Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable...

漏洞标题 CVE-2025-6851: WordPress Broken Link Notifier < 1.3.1 - Unauthenticated SSRF 漏洞描述 The Broken Link Notifier plugin for WordPress is vulnerable to Server-Side Request...

漏洞标题 CVE-2023-4169: Ruijie RG-EW1200G Router - Password Reset 漏洞描述 A vulnerability was found in Ruijie RG-EW1200G 1.0(1)B1P5. It has been declared as critical. Affected by ...