漏洞标题 CVE-2019-16313: ifw8 Router ROM v4.31 Credential Discovery 漏洞描述 蜂网互联企业级路由器v4.31存在接口未授权访问，导致攻击者可以是通过此漏洞得到路由器账号密码接管路由器 app...

漏洞标题 CVE-2018-17207: WordPress Duplicator Plugin < 1.2.42 - Arbitrary Code Execution 漏洞描述 An issue was discovered in Snap Creek Duplicator before 1.2.42. By accessing le...

漏洞标题 CVE-2023-3479: Hestiacp <= 1.7.7 - Cross-Site Scripting 漏洞描述 Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.7.8. PoC代码

漏洞标题 CVE-2021-37415: Zoho ManageEngine ServiceDesk Plus - Authentication Bypass 漏洞描述 Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass ...

漏洞标题 CVE-2017-5521: Bypassing Authentication on NETGEAR Routers 漏洞描述 NETGEAR routers before 6.0.10 allow remote attackers to bypass authentication and gain access to the ro...

漏洞标题 CVE-2018-7700: DedeCMS 5.7SP2 - Cross-Site Request Forgery/Remote Code Execution 漏洞描述 DedeCMS 5.7SP2 is susceptible to cross-site request forgery with a corresponding ...

漏洞标题 CVE-2020-17518: Apache Flink 1.5.1 - Local File Inclusion 漏洞描述 Apache Flink 1.5.1 is vulnerable to local file inclusion because of a REST handler that allows file uplo...

漏洞标题 CVE-2021-24926: WordPress Domain Check <1.0.17 - Cross-Site Scripting 漏洞描述 WordPress Domain Check plugin before 1.0.17 contains a reflected cross-site scripting vul...

漏洞标题 CVE-2025-6197: Open Redirect via Organization Switching 漏洞描述 An open redirect vulnerability has been identified in Grafana OSS organization switching functionality. Pr...

漏洞标题 CVE-2022-1952: WordPress eaSYNC Booking <1.1.16 - Arbitrary File Upload 漏洞描述 WordPress eaSync Booking plugin bundle for hotel, restaurant and car rental before 1.1....

漏洞标题 CVE-2022-44290: WebTareas 2.4p5 - SQL Injection 漏洞描述 webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in deleteapprovalstag...

漏洞标题 CVE-2019-20224: PandoraFMS v7.0NG Post-auth Remote Code Execution 漏洞描述 Pandora FMS 7.0NG allows remote authenticated users to execute arbitrary OS commands via shell m...

漏洞标题 CVE-2019-17230: WordPress OneTone theme <= 3.0.6 – Unauthenticated Options Changes 漏洞描述 includes/theme-functions.php in the OneTone theme through 3.0.6 for WordPre...

漏洞标题 CVE-2025-11749: WordPress AI Engine Plugin - Token Exposure 漏洞描述 Unauthenticated sensitive information exposure in AI Engine WordPress plugin <= 3.1.3 exposes beare...

漏洞标题 CVE-2025-49596: MCP Inspector < 0.14.0 UnauthenticatedRemote Code Execution 漏洞描述 The MCP inspector is a developer tool for testing and debugging MCP servers. Versio...

漏洞标题 CVE-2025-59287: Windows Server Update Service - Insecure Deserialization 漏洞描述 Windows Server Update Service contains an insecure deserialization vulnerability caused b...