漏洞标题 CVE-2025-11371: Gladinet CentreStack & TrioFox - Local File Inclusion 漏洞描述 In the default installation and configuration of Gladinet CentreStack and TrioFox, there...

漏洞标题 CVE-2023-4490: WordPress Job Portal < 2.0.6 - SQL Injection 漏洞描述 The WP Job Portal WordPress plugin before 2.0.6 does not sanitise and escape the city parameter bef...

漏洞标题 CVE-2021-46422: Telesquare SDT-CW3B1 admin.cgi 远程命令执行漏洞 漏洞描述 Telesquare SDT-CW3B1 1.1.0版本中存在命令注入漏洞，攻击者通过漏洞可以获取服务器权限 fofa: app="...

漏洞标题 CVE-2022-29455-headless: WordPress Elementor Website Builder <= 3.5.5 - DOM Cross-Site Scripting 漏洞描述 WordPress Elementor Website Builder plugin 3.5.5 and prior con...

漏洞标题 CVE-2017-18562: Error Log Viewer by BestWebSoft < 1.0.6 - Cross-Site Scripting 漏洞描述 The error-log-viewer plugin before 1.0.6 for WordPress has multiple XSS issues. ...

漏洞标题 Apache OFBiz CVE-2018-8033 XML外部实体注入漏洞 漏洞描述 Apache OFBiz存在XML外部实体注入漏洞，此漏洞是由于httpService接口对用户的请求验证不当导致的。 PoC代码 暂无

漏洞标题 CVE-2025-44148: MailEnable Mail Service < v10 - Cross-Site Scripting 漏洞描述 Cross Site Scripting (XSS) vulnerability in MailEnable before v10 allows a remote attacker...

漏洞标题 CVE-2019-2579: Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - SQL Injection 漏洞描述 The Oracle WebCenter Sites component of Oracle Fusion Middleware 12.2.1.3.0 is ...

漏洞标题 CVE-2021-42567: Apereo CAS Cross-Site Scripting 漏洞描述 Apereo CAS through 6.4.1 allows cross-site scripting via POST requests sent to the REST API endpoints. PoC代码

漏洞标题 CVE-2023-48728: WWBN AVideo 11.6 - Cross-Site Scripting 漏洞描述 A reflected XSS vulnerability exists in the functiongetOpenGraph videoName functionality of WWBN AVideo 11...

漏洞标题 CVE-2020-36731: Flexible Checkout Fields for WooCommerce <= 2.3.1 - Unauthenticated Arbitrary Plugin Settings Update 漏洞描述 The Flexible Checkout Fields for WooCommer...

漏洞标题 CVE-2020-25078: DLink Account Disclosure 漏洞描述 An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. The unauthenticated...

漏洞标题 CVE-2014-9119: WordPress DB Backup <=4.5 - Local File Inclusion 漏洞描述 WordPress Plugin DB Backup 4.5 and possibly prior versions are prone to a local file inclusion ...

漏洞标题 CVE-2021-24495: Wordpress Marmoset Viewer <1.9.3 - Cross-Site Scripting 漏洞描述 WordPress Marmoset Viewer plugin before 1.9.3 contains a cross-site scripting vulnerabi...

漏洞标题 CVE-2008-6982: Devalcms 1.4a - Cross-Site Scripting 漏洞描述 Devalcms 1.4a contains a cross-site scripting vulnerability in the currentpath parameter of the index.php file...

漏洞标题 CVE-2020-9547: FasterXML jackson-databind - Deserialization Remote Code Execution 漏洞描述 FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction betwee...