漏洞标题 CVE-2010-1304: Joomla! Component User Status - Local File Inclusion 漏洞描述 A directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) comp...

漏洞标题 CVE-2024-38653: Ivanti Avalanche SmartDeviceServer - XML External Entity 漏洞描述 XXE in SmartDeviceServer in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attack...

漏洞标题 CVE-2019-7139: Magento - SQL Injection 漏洞描述 An unauthenticated user can execute SQL statements that allow arbitrary read access to the underlying database, which cause...

漏洞标题 Adobe ColdFusion CVE-2024-20767 任意文件读取漏洞 漏洞描述 Adobe ColdFusion中存在任意文件读取漏洞，此漏洞是由于未充分验证用户输入file_name参数的数据所导致的。 PoC代码 暂无

漏洞标题 CVE-2022-2130: Microweber < 1.2.17 - Cross-Site Scripting 漏洞描述 Cross-site Scripting (XSS) vulnerability in the /demo/editor_tools/module endpoint via the 'type...

漏洞标题 CVE-2022-1910: WordPress Shortcodes and Extra Features for Phlox <2.9.8 - Cross-Site Scripting 漏洞描述 WordPress Shortcodes and extra features plugin for the Phlox the...

漏洞标题 CVE-2018-19915: DomainMOD <=4.11.01 - Cross-Site Scripting 漏洞描述 DomainMOD through version 4.11.01 is vulnerable to cross-site scripting via the assets/edit/host.php...

这篇文章主要介绍了查看nginx配置文件路径和资源文件路径,本文给大家介绍的非常详细，对大家的学习或工作具有一定的参考借鉴价值，需要的朋友可以参考下 查看nginx配置文件路径 通过 nginx -t n...

漏洞标题 CVE-2008-6080: Joomla! ionFiles 4.4.2 - Local File Inclusion 漏洞描述 Joomla! ionFiles 4.4.2 is susceptible to local file inclusion in download.php in the ionFiles (com_io...

漏洞标题 CVE-2021-24762: WordPress Perfect Survey <1.5.2 - SQL Injection 漏洞描述 Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET p...

漏洞标题 CVE-2023-38992: Jeecg-Boot v3.5.1 - SQL Injection 漏洞描述 SQL injection vulnerability via the title parameter at /sys/dict/loadTreeData in jeecg-boot v3.5.1. PoC代码

漏洞标题 CVE-2020-15050: Suprema BioStar <2.8.2 - Local File Inclusion 漏洞描述 Suprema BioStar before 2.8.2 Video Extension allows remote attackers can read arbitrary files fro...

漏洞标题 CVE-2023-23488: WordPress Paid Memberships Pro <2.9.8 - Blind SQL Injection 漏洞描述 WordPress Paid Memberships Pro plugin before 2.9.8 contains a blind SQL injection v...

CheckIn题目分析 首先我们来看一下题目，首页就是一个简单的上传界面： 我们先上传一个php文件试一下，显然是illegal的 经过fuzz发现修改content-type和利用特殊扩展名php5、pht等都没有成功（...

漏洞标题 CVE-2024-10783: WordPress Plugin MainWP Child - Authentication Bypass 漏洞描述 The plugin is vulnerable to an authentication bypass that allows an unauthenticated user to ...

漏洞标题 CVE-2024-33113: D-LINK DIR-845L bsc_sms_inbox.php file - Information Disclosure 漏洞描述 D-LINK DIR-845L <=v1.01KRb03 is vulnerable to Information disclosurey via bsc_s...