漏洞标题 CVE-2022-41840: Welcart eCommerce <= 2.7.7 - Unauth Directory Traversal 漏洞描述 Unauth. Directory Traversal vulnerability in Welcart eCommerce plugin <= 2.7.7 on Wo...

漏洞标题 Apache Struts2(S2-012)远程代码执行漏洞(CVE-2013-1965) 漏洞描述 S2-012中，包含特制请求参数的请求可用于将任意 OGNL代码注入属性，然后用作重定向地址的请求参数，这将导致进一步...

漏洞标题 CVE-2025-49113: Roundcube Webmail - Remote Code Execution 漏洞描述 Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated us...

漏洞标题 CVE-2019-10647: ZZZCMS ZZZPHP 1.6.3 – Remote PHP Code Execution (RCE) 漏洞描述 ZZZCMS zzzphp v1.6.3 contains a remote code execution caused by lack of restrictions in inc...

漏洞标题 CVE-2019-17228: Motors Car Dealer & Classified Ads <= 1.4.0 - Unauthenticated settings import/export 漏洞描述 includes/options.php in the motors-car-dealership-clas...

漏洞标题 CVE-2024-28397: pyload-ng js2py - Remote Code Execution 漏洞描述 An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitr...

漏洞标题 CVE-2010-1657: Joomla! Component SmartSite 1.0.0 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the SmartSite (com_smartsite) component 1.0.0 for J...

漏洞标题 CVE-2019-18952: Xfilesharing 2.5.1 - Arbitrary File Upload 漏洞描述 SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload.This can be combined wit...

漏洞标题 CVE-2021-44515: Zoho ManageEngine Desktop Central - Remote Code Execution 漏洞描述 Zoho ManageEngine Desktop Central contains an authentication bypass vulnerability that c...

漏洞标题 CVE-2024-7313: Shield Security Plugin < 20.0.6 - Cross-Site Scripting 漏洞描述 The Shield Security WordPress plugin before 20.0.6 contains a reflected cross-site script...

注意：俩个server服务要相对独立，这样就可以同时将服务1和服务2的端口映射到80端口了 server { listen 80; server_name xx.cn; #域名1 location / { proxy_pass http://x.x.x.x:9001; #域名1需...

漏洞标题 CVE-2025-2710: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting 漏洞描述 Yonyou UFIDA ERP-NC V5.0 is vulnerable to reflected cross-site scripting (XSS) via the flag paramet...

漏洞标题 Apache OFBiz StatsSinceStart 远程代码执行漏洞（CVE-2024-45507） 漏洞描述 Apache OFBiz 18.12.16 之前的版本在 Linux 和 Windows 系统上存在未经身份验证的远程代码执行漏洞。 PoC...

漏洞标题 CVE-2010-2918: Joomla! Component Visites 1.1 - MosConfig_absolute_path Remote File Inclusion 漏洞描述 A PHP remote file inclusion vulnerability in core/include/myMailer.cl...

漏洞标题 CVE-2023-29204: XWiki - Open Redirect 漏洞描述 XWiki Commons are technical libraries common to several other top level XWiki projects. It is possible to bypass the existin...

漏洞标题 CVE-2025-12055: MPDV Mikrolab GmbH HYDRA X, MIP 2 & FEDRA 2 - Path Traversal 漏洞描述 MPDV Mikrolab GmbH HYDRA X, MIP 2, and FEDRA 2 <= Maintenance Pack 36 with Ser...