漏洞标题 CVE-2020-27982: IceWarp WebMail 11.4.5.0 - Cross-Site Scripting 漏洞描述 IceWarp WebMail 11.4.5.0 is vulnerable to cross-site scripting via the language parameter. PoC代码

漏洞标题 CVE-2025-26319: FlowiseAI Flowise <= 2.2.6 - Arbitrary File Upload 漏洞描述 FlowiseAI Flowise version 2.2.6 and below contains an arbitrary file upload vulnerability in...

漏洞标题 Apache Struts2(S2-001)远程代码执行漏洞(CVE-2007-4556) 漏洞描述 在Struts2 WebWork 2.1+ 和 Struts 2 的“altSyntax”功能允许将 OGNL表达式插入到文本字符串中并进行递归处理。这...

漏洞标题 CVE-2024-0250: Analytics Insights for Google Analytics 4 < 6.3 - Open Redirect 漏洞描述 The plugin is vulnerable to Open Redirect due to insufficient validation on the ...

漏洞标题 CVE-2024-12987: DrayTek Vigor - Command Injection 漏洞描述 DrayTek Gateway devices (Vigor2960, Vigor300B, etc.) are vulnerable to command injection via the session paramet...

漏洞标题 CVE-2011-5106: WordPress Plugin Flexible Custom Post Type < 0.1.7 - Cross-Site Scripting 漏洞描述 A cross-site scripting vulnerability in edit-post.php in the Flexible ...

漏洞标题 CVE-2024-41107: Apache CloudStack - SAML Signature Exclusion 漏洞描述 The CloudStack SAML authentication (disabled by default) does not enforce signature check. In CloudSt...

漏洞标题 CVE-2017-9506: Atlassian Jira IconURIServlet - Cross-Site Scripting/Server-Side Request Forgery 漏洞描述 The Atlassian Jira IconUriServlet of the OAuth Plugin from version...

漏洞标题 CVE-2020-10199: Sonatype Nexus Repository Manager 3 - Remote Code Execution 漏洞描述 Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection PoC代码

漏洞标题 CVE-2024-31621: Flowise 1.6.5 - Authentication Bypass 漏洞描述 The flowise version <= 1.6.5 is vulnerable to authentication bypass vulnerability. PoC代码

漏洞标题 CVE-2021-26086: Atlassian Jira Limited - Local File Inclusion 漏洞描述 Affected versions of Atlassian Jira Limited Server and Data Center are vulnerable to local file incl...

漏洞标题 CVE-2021-39226: Grafana Snapshot - Authentication Bypass 漏洞描述 Grafana instances up to 7.5.11 and 8.1.5 allow remote unauthenticated users to view the snapshot associat...

漏洞标题 CVE-2019-9757: LabKey Server 19.1.0 - XML External Entity (XXE) 漏洞描述 An issue was discovered in LabKey Server 19.1.0. Sending an SVG containing an XXE payload to the e...

漏洞标题 CVE-2020-22165: PHPGurukul Hospital Management System 4.0 - SQL Injection 漏洞描述 PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \...

漏洞标题 CVE-2015-8399: Atlassian Confluence configuration files read 漏洞描述 Atlassian Confluence before 5.9.1 allows remote attackers to read arbitrary files via a crafted reque...

漏洞标题 CVE-2023-31548: ChurchCRM v4.5.3 - Cross-Site Scripting 漏洞描述 A stored Cross-site scripting (XSS) vulnerability in the FundRaiserEditor.php component of ChurchCRM v4.5....