漏洞标题 CVE-2018-19751: DomainMOD 4.11.01 - Cross-Site Scripting 漏洞描述 DomainMOD 4.11.01 contains a cross-site scripting vulnerability via /admin/ssl-fields/add.php Display Nam...

漏洞标题 CVE-2024-9463: Palo Alto Expedition - RCE 漏洞描述 Palo Alto Networks Expedition的/API/convertCSVtoParquet.php接口存在命令注入漏洞，未经身份验证的攻击者可利用该漏洞在Exped...

漏洞标题 CVE-2023-3139: Protect WP Admin < 4.0 - Unauthenticated Protection Bypass 漏洞描述 The Protect WP Admin WordPress plugin before version 4.0 disclosed the URL of the adm...

漏洞标题 CVE-2020-9484: Apache Tomcat Remote Command Execution 漏洞描述 When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7...

漏洞标题 CVE-2023-7164: WordPress BackWPup < 4.0.4 - Backup File Disclosure 漏洞描述 BackWPup WordPress plugin < 4.0.4 contains a directory listing vulnerability caused by la...

漏洞标题 CVE-2015-2196: WordPress Spider Calendar <=1.4.9 - SQL Injection 漏洞描述 WordPress Spider Calendar plugin through 1.4.9 is susceptible to SQL injection. An attacker ca...

漏洞标题 CVE-2025-55182: React Server Components - Remote Code Execution 漏洞描述 React Server Components 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including react-server-dom-parcel, reac...

漏洞标题 CVE-2018-11709: WordPress wpForo Forum <= 1.4.11 - Cross-Site Scripting 漏洞描述 WordPress wpForo Forum plugin before 1.4.12 for WordPress allows unauthenticated reflec...

漏洞标题 CVE-2025-51501: Microweber CMS2.0 - Cross-Site Scripting 漏洞描述 Reflected Cross-Site Scripting (XSS) in the `id` parameter of the `live_edit.module_settings` API endpoin...

漏洞标题 CVE-2024-5765: WpStickyBar <= 2.1.0 - SQL Injection 漏洞描述 The plugin does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX...

漏洞标题 CVE-2022-1910: WordPress Shortcodes and Extra Features for Phlox <2.9.8 - Cross-Site Scripting 漏洞描述 WordPress Shortcodes and extra features plugin for the Phlox the...

漏洞标题 CVE-2016-1000126: WordPress Admin Font Editor <=1.8 - Cross-Site Scripting 漏洞描述 WordPress Admin Font Editor 1.8 and before contains a reflected cross-site scripting...

漏洞标题 CVE-2024-28397: pyload-ng js2py - Remote Code Execution 漏洞描述 An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitr...

漏洞标题 CVE-2018-7422: WordPress Site Editor <=1.1.1 - Local File Inclusion 漏洞描述 WordPress Site Editor through 1.1.1 allows remote attackers to retrieve arbitrary files via...

漏洞标题 CVE-2018-12296: Seagate NAS OS 4.3.15.1 - Server Information Disclosure 漏洞描述 Seagate NAS OS version 4.3.15.1 has insufficient access control which allows attackers to ...

漏洞标题 CVE-2023-30192: PrestaShop 'possearchproducts' <= 1.7 - SQL Injection 漏洞描述 In the module “Search Products” (possearchproducts) from PosThemes for Presta...