漏洞标题 CVE-2020-14144: Gitea 1.1.0 - 1.12.5 - Remote Code Execution 漏洞描述 Gitea 1.1.0 through 1.12.5 is susceptible to authenticated remote code execution, via the git hook fu...

漏洞标题 CVE-2023-0676: phpIPAM 1.5.1 - Cross-site Scripting 漏洞描述 Cross-site Scripting (XSS) - Reflected in GitHub repository phpipam/phpipam prior to 1.5.1. PoC代码

漏洞标题 CVE-2021-25082: WordPress Popup Builder < 4.0.7 - Remote Code Execution 漏洞描述 Popup Builder WordPress plugin before 4.0.7 contains a local file inclusion caused by u...

漏洞标题 CVE-2020-13405: Microweber <1.1.20 - Information Disclosure 漏洞描述 Microweber before 1.1.20 is susceptible to information disclosure via userfiles/modules/users/contr...

本文转载于公众号：融云攻防实验室，原文地址： H3C SecPath运维审计系统 任意用户登录漏洞 H3C SecPath运维审计系统是基于用户现阶段面临的运维难题提出的一款运维风险管控产品。借助身份认证...

漏洞标题 CVE-2004-1965: Open Bulletin Board (OpenBB) v1.0.6 - Open Redirect/XSS 漏洞描述 Multiple cross-site scripting (XSS) vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 a...

漏洞标题 CVE-2023-20889: VMware Aria Operations for Networks - Code Injection Information Disclosure Vulnerability 漏洞描述 Aria Operations for Networks contains an information dis...

漏洞标题 CVE-2022-47945: Thinkphp Lang - Local File Inclusion 漏洞描述 ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack fe...

漏洞标题 CVE-2013-2287: WordPress Plugin Uploader 1.0.4 - Cross-Site Scripting 漏洞描述 Multiple cross-site scripting vulnerabilities in views/notify.php in the Uploader plugin 1.0...

漏洞标题 CVE-2020-7247: OpenSMTPD 6.4.0-6.6.1 - Remote Code Execution 漏洞描述 OpenSMTPD versions 6.4.0 - 6.6.1 are susceptible to remote code execution. smtp_mailaddr in smtp_sess...

前言 一个方便安全研究人员获取每日安全日报的爬虫和推送程序，目前爬取范围包括先知社区、安全客、Seebug Paper、跳跳糖、奇安信攻防社区、棱角社区以及绿盟、腾讯玄武、天融信、360等实验室博...

漏洞标题 CVE-2023-26258: Arcserve UDP <= 9.0.6034 - Authentication Bypass 漏洞描述 Arcserve UDP through 9.0.6034 allows authentication bypass. The method getVersionInfo at WebSe...

漏洞标题 CVE-2022-47003: Mura CMS <10.0.580 - Authentication Bypass 漏洞描述 Mura CMS before 10.0.580 is susceptible to authentication bypass in the Remember Me function. An att...

漏洞标题 CVE-2022-33901: WordPress MultiSafepay for WooCommerce <=4.13.1 - Arbitrary File Read 漏洞描述 WordPress MultiSafepay for WooCommerce plugin through 4.13.1 contains an ...

漏洞标题 CVE-2016-1000127: WordPress AJAX Random Post <=2.00 - Cross-Site Scripting 漏洞描述 WordPress AJAX Random Post 2.00 is vulnerable to reflected cross-site scripting. PoC...

漏洞标题 CVE-2022-28117: Navigate CMS 2.9.4 - Server-Side Request Forgery 漏洞描述 Navigate CMS 2.9.4 is susceptible to server-side request forgery via feed_parser class. This can ...