漏洞标题 CiscoIOSXEWLC-CVE-2025-20188-任意文件上传 漏洞描述 用于无线局域网控制器 （WLC） 的 Cisco IOS XE 软件的带外接入点 （AP）映像下载功能中存在一个漏洞，该漏洞可能允许未经身份验...

漏洞标题 CVE-2025-55523: Agent-Zero 0.8.0 - 0.9.4 - Arbitrary File Download 漏洞描述 Agent-Zero v0.8.0 - 0.9.4 contains a path traversal caused by improper validation in /api/downl...

漏洞标题 CVE-2025-0133: PAN-OS - Reflected Cross-Site Scripting 漏洞描述 A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect™ gateway and portal features of ...

漏洞标题 CVE-2025-26319: FlowiseAI Flowise <= 2.2.6 - Arbitrary File Upload 漏洞描述 FlowiseAI Flowise version 2.2.6 and below contains an arbitrary file upload vulnerability in...

漏洞标题 CVE-2025-34032: Moodle LMS Jmol Plugin <= 6.1 - Cross-Site Scripting 漏洞描述 A reflected cross-site scripting (XSS) vulnerability exists in the Moodle LMS Jmol plugin ...

漏洞标题 CVE-2025-2539: File Away <= 3.9.9.0.1 - Missing Authorization to Unauthenticated Arbitrary File Read 漏洞描述 The File Away plugin for WordPress is vulnerable to unauth...

漏洞标题 CVE-2025-4008: MeteoBridge <= 6.1 - Remote Code Execution 漏洞描述 The Meteobridge web interface let meteobridge administrator manage their weather station data collect...

漏洞标题 CVE-2025-24514: Ingress-Nginx Controller - Configuration Injection via Unsanitized `auth-url` Annotation 漏洞描述 A security issue was discovered in ingress-nginx https-//...

漏洞标题 CVE-2025-55169: WeGIA - Directory Traversal 漏洞描述 WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to vers...

漏洞标题 CVE-2025-25062: Backdrop CMS - Cross-Site Scripting 漏洞描述 An XSS issue was discovered in Backdrop CMS 1.28.x before 1.28.5 and 1.29.x before 1.29.3. It doesn't suf...

漏洞标题 (CVE-2025-4388)Liferay Portal及DXP反射型跨站脚本漏洞 漏洞描述 (CVE-2025-4388)Liferay Portal及DXP反射型跨站脚本漏洞 PoC代码 暂无

漏洞标题 CVE-2025-12055: MPDV Mikrolab GmbH HYDRA X, MIP 2 & FEDRA 2 - Path Traversal 漏洞描述 MPDV Mikrolab GmbH HYDRA X, MIP 2, and FEDRA 2 <= Maintenance Pack 36 with Ser...

漏洞标题 CVE-2025-53364: Parse Server - GraphQL Schema Information Disclosure 漏洞描述 The Parse Server GraphQL API previously allowed public access to the GraphQL schema without r...

漏洞标题 CVE-2025-46818: Redis Lua Sandbox < 8.2.2 - Cross-User Escape 漏洞描述 Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow...

漏洞标题 CVE-2025-55161: Stirling-PDF SSRF via Markdown 漏洞描述 Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1....

漏洞标题 CVE-2025-47423: Personal Weather Station Dashboard 12 - Directory Traversal 漏洞描述 Personal Weather Station Dashboard 12_lts allows unauthenticated remote attackers to r...