漏洞标题 CVE-2019-8943: WordPress Core 5.0.0 - Crop-image Shell Upload 漏洞描述 WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to...

漏洞标题 CVE-2015-1000010: WordPress Simple Image Manipulator < 1.0 - Local File Inclusion 漏洞描述 WordPress Simple Image Manipulator 1.0 is vulnerable to local file inclusion ...

漏洞标题 CVE-2019-16313: ifw8 Router ROM v4.31 - Credential Discovery 漏洞描述 ifw8 Router ROM v4.31 is vulnerable to credential disclosure via action/usermanager.htm HTML source c...

漏洞标题 CVE-2014-6287: HTTP File Server <2.3c - Remote Command Execution 漏洞描述 HTTP File Server before 2.3c is susceptible to remote command execution. The findMacroMarker f...

漏洞标题 CVE-2023-0297: PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE) 漏洞描述 Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31. PoC代码

漏洞标题 CVE-2022-0212: WordPress Spider Calendar <=1.5.65 - Cross-Site Scripting 漏洞描述 WorsPress Spider Calendar plugin through 1.5.65 is susceptible to cross-site scripting...

漏洞标题 CVE-2023-1080: WordPress GN Publisher <1.5.6 - Cross-Site Scripting 漏洞描述 WordPress GN Publisher plugin before 1.5.6 is susceptible to cross-site scripting via the t...

漏洞标题 CVE-2021-24946: WordPress Modern Events Calendar <6.1.5 - Blind SQL Injection 漏洞描述 WordPress Modern Events Calendar plugin before 6.1.5 is susceptible to blind SQL ...

漏洞标题 CVE-2024-54764: ipTIME A2004 - Unauthorized Access 漏洞描述 An access control issue exists in the component /login/hostinfo2.cgi of ipTIME A2004 v12.17.0 that allows attac...

漏洞标题 CVE-2022-28290: WordPress Country Selector <1.6.6 - Cross-Site Scripting 漏洞描述 WordPress Country Selector plugin prior to 1.6.6 contains a cross-site scripting vulne...

漏洞标题 CVE-2025-47204: Bootstrap Multiselect <= 1.1.2 - Cross-Site Scripting 漏洞描述 A PHP script in the source code release echoes arbitrary POST data. If a developer adopts...

漏洞标题 CVE-2017-5638: Apache Struts 2 - Remote Command Execution S2-045 S2-046 漏洞描述 Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 is vulnerable to remote comm...

漏洞标题 CVE-2022-3477: WordPress tagDiv Composer < 3.5 - Authentication Bypass 漏洞描述 The tagDiv Composer WordPress plugin before 3.5, required by the Newspaper WordPress the...

漏洞标题 CVE-2023-30212: OURPHP <= 7.2.0 - Cross Site Scripting 漏洞描述 OURPHP <= 7.2.0 is vulnerale to Cross Site Scripting (XSS) via /client/manage/ourphp_out.php. PoC代码

漏洞标题 CVE-2025-55182: React Server Components - Remote Code Execution 漏洞描述 React Server Components 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including react-server-dom-parcel, reac...

漏洞标题 CVE-2020-27615: WordPress Loginizer < 1.6.4 – Unauthenticated SQL Injection via `log` Parameter 漏洞描述 The Loginizer plugin before 1.6.4 for WordPress allows SQL inj...