漏洞标题 CVE-2024-0200: Github Enterprise Authenticated Remote Code Execution 漏洞描述 An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead...

漏洞标题 CVE-2022-0206: WordPress NewStatPress <1.3.6 - Cross-Site Scripting 漏洞描述 WordPress NewStatPress plugin before 1.3.6 is susceptible to cross-site scripting. The plug...

漏洞标题 CVE-2022-2314: WordPress VR Calendar <=2.3.2 - Remote Code Execution 漏洞描述 WordPress VR Calendar plugin through 2.3.2 is susceptible to remote code execution. The pl...

漏洞标题 CVE-2021-43734: kkFileView getCorsFile 任意文件读取漏洞 漏洞描述 kkFileView getCorsFile 3.6.0 版本以下存在任意文件读取漏洞，攻击者通过漏洞可以获取服务器中的任意文件，获取...

漏洞标题 CVE-2021-22053: Spring Cloud Netflix Hystrix Dashboard <2.2.10 - Remote Code Execution 漏洞描述 Spring Cloud Netflix Hystrix Dashboard prior to version 2.2.10 is suscep...

漏洞标题 CVE-2024-48360: Qualitor <= v8.24 - Server-Side Request Forgery 漏洞描述 Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component...

漏洞标题 CVE-2022-25082: TOTOLink - Unauthenticated Command Injection 漏洞描述 TOTOLink A950RG V5.9c.4050_B20190424 and V4.1.2cu.5204_B20210112 were discovered to contain a command...

本文转载于公众号：融云攻防实验室，原文地址： 漏洞复现 CVE-2016-4437 Shiro1.2.4反序列化漏洞 ApacheShiro是一款开源安全框架，提供身份验证、授权、密码学和会话管理。Shiro框架直观、易用...

漏洞标题 CVE-2011-3315: Cisco CUCM, UCCX, and Unified IP-IVR- Directory Traversal 漏洞描述 A directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x an...

漏洞标题 CVE-2018-1000226: Cobbler - Authentication Bypass 漏洞描述 Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ and possibly even older versions, may be ...

漏洞标题 CVE-2022-22947: Spring Cloud Gateway Code Injection 漏洞描述 Applications using Spring Cloud Gateway prior to 3.1.1+ and 3.0.7+ are vulnerable to a code injection attack w...

漏洞标题 CVE-2018-5715: SugarCRM 3.5.1 - Cross-Site Scripting 漏洞描述 SugarCRM 3.5.1 is vulnerable to cross-site scripting via phprint.php and a parameter name in the query string...

漏洞标题 CVE-2020-28188: TerraMaster TOS - Unauthenticated Remote Command Execution 漏洞描述 TerraMaster TOS <= 4.2.06 is susceptible to a remote code execution vulnerability wh...

漏洞标题 CVE-2021-25085: WOOF WordPress plugin - Cross-Site Scripting 漏洞描述 The WOOF WordPress plugin does not sanitize or escape the woof_redraw_elements parameter before refle...

漏洞标题 CVE-2011-5252: Orchard 'ReturnUrl' Parameter URI - Open Redirect 漏洞描述 Open redirect vulnerability in Users/Account/LogOff in Orchard 1.0.x before 1.0.21, 1.1...

漏洞标题 CVE-2025-9196: Trinity Audio <= 5.21.0 - Information Exposure 漏洞描述 The Trinity Audio Text to Speech AI audio player to convert content into audio plugin for WordPre...