漏洞标题 Apache Tapestry远程代码执行(CVE-2021-27850 ) 漏洞描述 Apache Tapestry 5.4.5、5.5.0、5.6.2 and 5.7.0。在CVE-2019-0195中，通过操纵classpath资产文件URL，攻击者可以在classpath...

漏洞标题 CVE-2010-1495: Joomla! Component Matamko 1.01 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the Matamko (com_matamko) component 1.01 for Joomla! a...

漏洞标题 CVE-2020-11529: Grav < 1.7 - Open Redirect 漏洞描述 Grav before 1.7 has an open redirect vulnerability via common/Grav.php. This is partially fixed in 1.6.23 and still ...

漏洞标题 CVE-2021-20086: Odoo Apps - Cross-Site Scripting via Prototype Pollution 漏洞描述 jquery-bbq 1.2.1 contains a prototype pollution caused by improperly controlled modificat...

漏洞标题 CVE-2021-25282: SaltStack Salt Unautherenticated Remote Command Execution 漏洞描述 An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillar_r...

漏洞标题 CVE-2024-38472: Apache HTTPd Windows UNC - Server-Side Request Forgery 漏洞描述 SSRF in Apache HTTP Server on Windows allows to potentially leak NTML hashes to a malicious...

漏洞标题 CVE-2019-14470: WordPress UserPro 4.9.32 - Cross-Site Scripting 漏洞描述 WordPress UserPro 4.9.32 is vulnerable to reflected cross-site scripting because the Instagram PHP...

漏洞标题 CVE-2021-40539: Zoho ManageEngine ADSelfService Plus v6113 - Unauthenticated Remote Command Execution 漏洞描述 Zoho ManageEngine ADSelfService Plus version 6113 and prior ...

漏洞标题 CVE-2022-33901: WordPress MultiSafepay for WooCommerce <=4.13.1 - Arbitrary File Read 漏洞描述 WordPress MultiSafepay for WooCommerce plugin through 4.13.1 contains an ...

漏洞标题 CVE-2017-17043: WordPress Emag Marketplace Connector 1.0 - Cross-Site Scripting 漏洞描述 WordPress Emag Marketplace Connector plugin 1.0 contains a reflected cross-site sc...

漏洞标题 CVE-2019-0230: Apache Struts <=2.5.20 - Remote Code Execution S2-059 漏洞描述 Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation when evaluated on raw user inp...

漏洞标题 CVE-2012-4273: 2 Click Socialmedia Buttons < 0.34 - Cross-Site Scripting 漏洞描述 A cross-site scripting vulnerability in libs/xing.php in the 2 Click Social Media Butt...

漏洞标题 CVE-2021-45380: AppCMS - Cross-Site Scripting 漏洞描述 AppCMS 2.0.101 has a cross-site scripting vulnerability in \templates\m\inc_head.php. PoC代码

漏洞标题 CVE-2021-30497: Ivanti Avalanche 6.3.2 - Local File Inclusion 漏洞描述 Ivanti Avalanche 6.3.2 is vulnerable to local file inclusion because it allows remote unauthenticate...

漏洞标题 CVE-2017-12149: Jboss Application Server - Remote Code Execution 漏洞描述 Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2 is susceptib...

漏洞标题 Apache OFBiz CVE-2024-38856 未授权代码执行漏洞 漏洞描述 Apache OFBiz存在未授权代码执行漏洞，该漏洞是由于ProgramExport接口对用户的权限校验不当导致的。 PoC代码 暂无