漏洞标题 CVE-2022-31854: Codoforum 5.1 - Arbitrary File Upload 漏洞描述 Codoforum 5.1 contains an arbitrary file upload vulnerability via the logo change option in the admin panel....

漏洞标题 CVE-2023-49103: OwnCloud - Phpinfo Configuration 漏洞描述 An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app...

漏洞标题 CVE-2022-0783: Multiple Shipping Address Woocommerce < 2.0 - SQL Injection 漏洞描述 The Multiple Shipping Address Woocommerce plugin before 2.0 does not properly saniti...

漏洞标题 Atlassian Jira 文件读取漏洞(CVE-2021-26086) 漏洞描述 Atlassian JIRAServer是澳大利亚Atlassian公司的一套缺陷跟踪管理系统的服务器版本。该系统主要用于跟踪管理对工作中各类问题...

漏洞标题 Atlassian Confluence /json/setup-restore.action 文件上传漏洞（CVE-2023-22518） 漏洞描述 Atlassian Confluence是一款企业知识管理与协作软件。该漏洞存在于Atlassian Confluence...

payload：'<sCriPt>setTimeout('ale'%2b'rt(/XSS/)',0)</sCriPt> 网站记录用户的历史查询记录往往都是以cookie的方式保存，安全策略往往很少覆盖到这类数据，该类型漏洞可当作xss的...

漏洞标题 CVE-2014-1842: Titan FTP Server Search Function < 10.40 - User Enumeration 漏洞描述 Titan FTP Server versions prior to 10.40 build 1829 contain a directory traversal vu...

漏洞标题 CVE-2010-1531: Joomla! Component redSHOP 1.0 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! a...

漏洞标题 CVE-2018-8006: Apache ActiveMQ <=5.15.5 - Cross-Site Scripting 漏洞描述 Apache ActiveMQ versions 5.0.0 to 5.15.5 are vulnerable to cross-site scripting via the web base...

漏洞标题 CVE-2025-6058: WPBookit <= 1.0.4 - Unauthenticated Arbitrary File Upload 漏洞描述 The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missi...

漏洞标题 CVE-2020-9344: Jira Subversion ALM for Enterprise <8.8.2 - Cross-Site Scripting 漏洞描述 Jira Subversion ALM for Enterprise before 8.8.2 contains a cross-site scripting...

漏洞标题 CVE-2023-29919: SolarView Compact <= 6.00 - Local File Inclusion 漏洞描述 There is an arbitrary read file vulnerability in SolarView Compact 6.00 and below, attackers c...

漏洞标题 CVE-2023-37999: HT Mega – Absolute Addons for Elementor <= 2.2.0 - Missing Authorization to Privilege Escalation 漏洞描述 The HT Mega plugin for WordPress is vulnerabl...

漏洞标题 CVE-2012-4273: 2 Click Socialmedia Buttons < 0.34 - Cross-Site Scripting 漏洞描述 A cross-site scripting vulnerability in libs/xing.php in the 2 Click Social Media Butt...

漏洞标题 CVE-2016-10973: Brafton WordPress Plugin < 3.4.8 - Cross-Site Scripting 漏洞描述 The Brafton plugin before 3.4.8 for WordPress has XSS via the wp-admin/admin.php?page=B...

漏洞标题 Apache Struts2(S2-061)远程代码执行漏洞(CVE-2020-17530) 漏洞描述 Apache Struts2框架是一个用于开发Java EE网络应用程序的Web框架。Struts2 会对某些标签属性(比如 id，其他属性有...