漏洞标题 CVE-2025-48954: Discourse OAuth Social Login - Cross-site Scripting 漏洞描述 Discourse versions prior to 3.5.0.beta6 contain a stored Cross-Site Scripting (XSS) vulnerabil...

漏洞标题 CVE-2018-19410: PRTG Network Monitor - Local File Inclusion 漏洞描述 PRTG Network Monitor before 18.2.40.1683 allows remote unauthenticated attackers to create users with ...

漏洞标题 CVE-2013-3526: WordPress Plugin Traffic Analyzer - 'aoid' Cross-Site Scripting 漏洞描述 A cross-site scripting vulnerability in js/ta_loaded.js.php in the Traffi...

漏洞标题 CVE-2022-45933: KubeView <=0.1.31 - Information Disclosure 漏洞描述 KubeView through 0.1.31 is susceptible to information disclosure. An attacker can obtain control of ...

漏洞标题 CVE-2024-9463: Palo Alto Expedition - RCE 漏洞描述 Palo Alto Networks Expedition的/API/convertCSVtoParquet.php接口存在命令注入漏洞，未经身份验证的攻击者可利用该漏洞在Exped...

漏洞标题 CVE-2022-4140: WordPress Welcart e-Commerce <2.8.5 - Arbitrary File Access 漏洞描述 WordPress Welcart e-Commerce plugin before 2.8.5 is susceptible to arbitrary file ac...

漏洞标题 CVE-2024-21893: Ivanti SAML - Server Side Request Forgery (SSRF) 漏洞描述 A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, ...

漏洞标题 CVE-2019-8446: Jira Improper Authorization 漏洞描述 The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows remote attackers to enumerate usernames vi...

漏洞标题 CVE-2021-36260: Hikvision IP camera/NVR - Remote Command Execution 漏洞描述 Certain Hikvision products contain a command injection vulnerability in the web server due to t...

漏洞标题 CVE-2024-0200: Github Enterprise Authenticated Remote Code Execution 漏洞描述 An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead...

漏洞标题 CVE-2025-4302: Stop User Enumeration WordPress plugin - Authentication Bypass 漏洞描述 Stop User Enumeration WordPress plugin < 1.7.3 contains an authentication bypass ...

漏洞标题 CVE-2020-12259: rConfig 3.9.4 - Cross-Site Scripting 漏洞描述 rConfig 3.9.4 is vulnerable to reflected XSS. The configDevice.php file improperly validates user input. An a...

漏洞标题 CVE-2021-21402: Jellyfin prior to 10.7.0 Unauthenticated Arbitrary File Read 漏洞描述 Jellyfin is a Free Software Media System. In Jellyfin before version 10.7.1, with cer...

漏洞标题 CVE-2018-6910: DedeCMS 5.7 - Path Disclosure 漏洞描述 DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include/downmix.inc.php or inc...

漏洞标题 AVM FRITZ!Box 7530 AX未授权访问漏洞（CVE-2024-54767） 漏洞描述 AVM FRITZ!Box 7530 AX v7.59组件中的/juis_boxinfo.xml存在访问控制问题，允许攻击者在未经身份验证的情况下获取敏...

漏洞标题 CVE-2021-42887: TOTOLINK EX1200T 4.1.2cu.5215 - Authentication Bypass 漏洞描述 TOTOLINK EX1200T 4.1.2cu.5215 is susceptible to authentication bypass. An attacker can bypas...