漏洞标题 CVE-2021-43062: Fortinet FortiMail 7.0.1 - Cross-Site Scripting 漏洞描述 A cross-site scripting vulnerability in FortiMail may allow an unauthenticated attacker to perform...

漏洞标题 CVE-2022-0949: WordPress Stop Bad Bots <6.930 - SQL Injection 漏洞描述 WordPress Stop Bad Bots plugin before 6.930 contains a SQL injection vulnerability. The plugin do...

漏洞标题 CVE-2025-8943: Flowise < 3.0.1 - Remote Command Execution 漏洞描述 The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to s...

漏洞标题 CVE-2018-12613: PhpMyAdmin 4.8.1 Remote File Inclusion 漏洞描述 An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potent...

漏洞标题 CVE-2019-11886: Yellow Pencil Visual Theme Customizer < 7.2.1 - Privilege Escalation 漏洞描述 The WaspThemes Visual CSS Style Editor (aka yellow-pencil-visual-theme-cus...

漏洞标题 Appium Desktop CVE-2023-2479 命令注入漏洞 漏洞描述 Appium Desktop CVE-2023-2479 命令注入漏洞 日期: 2024-02-07 | 影响软件: Appium Desktop | PoC代码 暂无

漏洞标题 CVE-2012-0392: Apache Struts2 S2-008 RCE 漏洞描述 The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows r...

漏洞标题 CVE-2021-36260: Hikvision IP camera/NVR - Remote Command Execution 漏洞描述 Certain Hikvision products contain a command injection vulnerability in the web server due to t...

漏洞标题 CVE-2019-10647: ZZZCMS ZZZPHP 1.6.3 – Remote PHP Code Execution (RCE) 漏洞描述 ZZZCMS zzzphp v1.6.3 contains a remote code execution caused by lack of restrictions in inc...

漏洞标题 CVE-2020-24148: Import XML & RSS Feeds WordPress Plugin <= 2.0.1 Server-Side Request Forgery 漏洞描述 WordPress plugin Import XML and RSS Feeds (import-xml-feed) pl...

漏洞标题 CVE-2019-7256: eMerge E3 1.00-06 - Remote Code Execution 漏洞描述 Linear eMerge E3-Series devices are susceptible to remote code execution vulnerabilities. PoC代码

漏洞标题 CVE-2020-7980: Satellian 1.12 Remote Code Execution 漏洞描述 厦门服云信息科技有限公司网站安全狗APACHE版存在webshell绕过漏洞，攻击者可以利用漏洞绕过网站安全狗获取服务器权限...

漏洞标题 CVE-2023-34124: SonicWall GMS and Analytics Web Services - Shell Injection 漏洞描述 The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficie...

漏洞标题 CVE-2015-4455: WordPress Plugin Aviary Image Editor Addon For Gravity Forms 3.0 Beta - Arbitrary File Upload 漏洞描述 Unrestricted file upload vulnerability in includes/up...

杂谈 你见过插入U盘就可以自动关闭windows防火墙的操作吗？你尝试过把自己的U盘伪装成鼠标或者键盘吗？为了整蛊热心网友，还可以插入U盘之后让他自动播放音乐或者视频，拔掉也没有用，是不是有...

漏洞标题 CVE-2021-43778: GLPI plugin Barcode < 2.6.1 - Path Traversal Vulnerability. 漏洞描述 Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances version...