漏洞标题 CVE-2022-1020: WordPress WooCommerce <3.1.2 - Arbitrary Function Call 漏洞描述 WordPress WooCommerce plugin before 3.1.2 does not have authorisation and CSRF checks in ...

漏洞标题 CVE-2025-49029: WordPress Custom Login And Signup Widget Plugin <= 1.0 - Arbitrary Code Execution 漏洞描述 Improper Control of Generation of Code ('Code Injection&...

漏洞标题 CVE-2019-9082: ThinkPHP < 3.2.4 - Remote Code Execution 漏洞描述 ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Exec...

漏洞标题 CVE-2024-21644: pyLoad Flask Config - Access Control 漏洞描述 pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can brow...

漏洞标题 CVE-2025-34085: WordPress Simple File List <=4.2.2 - Remote Code Execution 漏洞描述 An unrestricted file upload vulnerability in the WordPress Simple File List plugin b...

漏洞标题 CVE-2023-40750: PHPJabbers Yacht Listing Script v1.0 - Cross-Site Scripting 漏洞描述 There is a Cross Site Scripting (XSS) vulnerability in the "action" paramete...

漏洞标题 CVE-2020-25506: D-Link DNS-320 - Unauthenticated Remote Code Execution 漏洞描述 D-Link DNS-320 FW v2.06B01 Revision Ax is susceptible to a command injection vulnerability ...

漏洞标题 CVE-2022-33174: Powertek Firmware <3.30.30 - Authorization Bypass 漏洞描述 Powertek firmware (multiple brands) before 3.30.30 running Power Distribution Units are vulne...

漏洞标题 CVE-2014-6271: ShellShock - Remote Code Execution 漏洞描述 GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variable...

漏洞标题 CVE-2016-1000131: WordPress e-search <=1.0 - Cross-Site Scripting 漏洞描述 WordPress e-search 1.0 and before contains a reflected cross-site scripting vulnerability via...

漏洞标题 CVE-2021-44228: Apache Log4j2 Remote Code Injection 漏洞描述 Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect aga...

漏洞标题 CVE-2013-2251: Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution (S2-016) 漏洞描述 In Struts 2 before 2.3.15.1 the information following "action:&quo...

漏洞标题 CVE-2010-1953: Joomla! Component iNetLanka Multiple Map 1.0 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the iNetLanka Multiple Map (com_multimap...

漏洞标题 CVE-2023-7164: WordPress BackWPup < 4.0.4 - Backup File Disclosure 漏洞描述 BackWPup WordPress plugin < 4.0.4 contains a directory listing vulnerability caused by la...

漏洞标题 CVE-2019-7255: Linear eMerge E3 - Cross-Site Scripting 漏洞描述 Linear eMerge E3-Series devices are vulnerable to cross-site scripting via the 'layout' parameter...

漏洞标题 CVE-2025-51501: Microweber CMS2.0 - Cross-Site Scripting 漏洞描述 Reflected Cross-Site Scripting (XSS) in the `id` parameter of the `live_edit.module_settings` API endpoin...