漏洞标题 CVE-2021-32478: Moodle 3.8-3.10.3 - Reflected XSS & Open Redirect 漏洞描述 Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8 contain a reflected XSS and open ...

漏洞标题 CVE-2022-26138: Atlassian Questions For Confluence - Hardcoded Credentials 漏洞描述 Atlassian Questions For Confluence contains a hardcoded credentials vulnerability. When...

漏洞标题 CVE-2023-39560: ECTouch v2 - SQL Injection 漏洞描述 ECTouch v2 was discovered to contain a SQL injection vulnerability via the $arr['id'] parameter at \default\h...

漏洞标题 CVE-2022-1398: External Media without Import <=1.1.2 - Authenticated Blind Server-Side Request Forgery 漏洞描述 WordPress External Media without Import plugin through 1...

漏洞标题 CVE-2020-26217: XStream <1.4.14 - Remote Code Execution 漏洞描述 XStream before 1.4.14 is susceptible to remote code execution. An attacker can run arbitrary shell comm...

漏洞标题 CVE-2024-9989: Crypto <= 2.15 - Authentication Bypass 漏洞描述 The Crypto plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, ...

漏洞标题 CVE-2024-41667: OpenAM<=15.0.3 FreeMarker - Template Injection 漏洞描述 OpenAM is an open access management solution. In versions 15.0.3 and prior, the `getCustomLoginU...

漏洞标题 CVE-2024-6420: Hide My WP Ghost < 5.2.02 - Hidden Login Page Disclosure 漏洞描述 The Hide My WP Ghost plugin does not prevent redirects to the login page via the auth_r...

漏洞标题 CVE-2019-16662: rConfig 3.9.2 - Remote Code Execution 漏洞描述 rConfig 3.9.2 is susceptible to a remote code execution vulnerability. An attacker can directly execute syst...

漏洞标题 CVE-2019-2725: Oracle WebLogic Server - Remote Command Execution 漏洞描述 The Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services) all...

漏洞标题 CVE-2022-3124: Frontend File Manager < 21.3 - Unauthenticated File Renaming 漏洞描述 The Frontend File Manager Plugin WordPress plugin before 21.3 allows any unauthenti...

漏洞标题 CVE-2023-37645: EyouCms v1.6.3 - Information Disclosure 漏洞描述 EyouCms v1.6.3 was discovered to contain an information disclosure vulnerability via the component /custom...

漏洞标题 CVE-2024-51211: openSIS Classic v9.1 - SQL Injection 漏洞描述 SQL injection vulnerability exists in OS4ED openSIS-Classic Version 9.1, specifically in the resetuserinfo.ph...

漏洞标题 CVE-2022-29455-headless: WordPress Elementor Website Builder <= 3.5.5 - DOM Cross-Site Scripting 漏洞描述 WordPress Elementor Website Builder plugin 3.5.5 and prior con...

漏洞标题 CVE-2020-14883: Oracle Fusion Middleware WebLogic Server Administration Console - Remote Code Execution 漏洞描述 The Oracle Fusion Middleware WebLogic Server admin console...

漏洞标题 CVE-2022-0787: Limit Login Attempts (Spam Protection) < 5.1 - SQL Injection 漏洞描述 The Limit Login Attempts (Spam Protection) WordPress plugin before 5.1 does not san...