最新发布第46页
CVE-2023-0261: WordPress WP TripAdvisor Review Slider <10.8 - Authenticated SQL Injection
漏洞标题 CVE-2023-0261: WordPress WP TripAdvisor Review Slider <10.8 - Authenticated SQL Injection 漏洞描述 WordPress WP TripAdvisor Review Slider plugin before 10.8 is suscepti...
CVE-2022-29383: NETGEAR ProSafe SSL VPN firmware – SQL Injection
漏洞标题 CVE-2022-29383: NETGEAR ProSafe SSL VPN firmware - SQL Injection 漏洞描述 NETGEAR ProSafe SSL VPN multiple firmware versions were discovered to contain a SQL injection vul...
CVE-2020-16846: SaltStack Shell Injection
漏洞标题 CVE-2020-16846: SaltStack Shell Injection 漏洞描述 An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH clien...
CVE-2023-49103: OwnCloud – Phpinfo Configuration
漏洞标题 CVE-2023-49103: OwnCloud - Phpinfo Configuration 漏洞描述 An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app...
全球业务关闭,年收入百亿物流公司Expeditors遭受网络攻击
物流和货运代理巨头Expeditors International是总部位于美国西雅图的财富500强公司,在 100 多个国家和地区拥有上万名员工,去年年收入超过百亿。上周日,Expeditors宣布确认了一起网络攻击事件...
CVE-2016-1000148: WordPress S3 Video <=0.983 - Cross-Site Scripting
漏洞标题 CVE-2016-1000148: WordPress S3 Video <=0.983 - Cross-Site Scripting 漏洞描述 WordPress S3 Video and before contains a reflected cross-site scripting vulnerability which...
CVE-2025-56819: Datart v1.0.0-rc.3 – Remote Code Execution
漏洞标题 CVE-2025-56819: Datart v1.0.0-rc.3 - Remote Code Execution 漏洞描述 Datart v1.0.0-rc.3 contains a vulnerability that allows remote attackers to execute arbitrary code via ...
CVE-2017-1000170: WordPress Delightful Downloads Jquery File Tree 2.1.5 – Local File Inclusion
漏洞标题 CVE-2017-1000170: WordPress Delightful Downloads Jquery File Tree 2.1.5 - Local File Inclusion 漏洞描述 WordPress Delightful Downloads Jquery File Tree versions 2.1.5 and ...
CVE-2025-11749: WordPress AI Engine Plugin – Token Exposure
漏洞标题 CVE-2025-11749: WordPress AI Engine Plugin - Token Exposure 漏洞描述 Unauthenticated sensitive information exposure in AI Engine WordPress plugin <= 3.1.3 exposes beare...
CVE-2025-1097: Ingress-Nginx Controller – Configuration Injection via Unsanitized `auth-tls-match-cn` Annotation
漏洞标题 CVE-2025-1097: Ingress-Nginx Controller - Configuration Injection via Unsanitized `auth-tls-match-cn` Annotation 漏洞描述 A security issue was discovered in ingress-nginx ...
CVE-2025-61882: Oracle E-Business Suite 12.2.3–12.2.14 – Remote Code Execution
漏洞标题 CVE-2025-61882: Oracle E-Business Suite 12.2.3–12.2.14 – Remote Code Execution 漏洞描述 Oracle Concurrent Processing 12.2.3-12.2.14 contains a remote code execution caus...
CVE-2022-44877: Centos Web Panel 7 Unauthenticated Remote Code
漏洞标题 CVE-2022-44877: Centos Web Panel 7 Unauthenticated Remote Code 漏洞描述 Shodan: http.title:"Login | Control WebPanel" fofa: app="CWP-虚拟主机控制面板" ...
Copyparty1.8.6存在XSS漏洞(CVE-2025-54589)
漏洞标题 Copyparty1.8.6存在XSS漏洞(CVE-2025-54589) 漏洞描述 Copyparty1.8.6存在XSS漏洞,攻击者可以获取用户敏感信息。 PoC代码 暂无
CVE-2022-1910: WordPress Shortcodes and Extra Features for Phlox <2.9.8 - Cross-Site Scripting
漏洞标题 CVE-2022-1910: WordPress Shortcodes and Extra Features for Phlox <2.9.8 - Cross-Site Scripting 漏洞描述 WordPress Shortcodes and extra features plugin for the Phlox the...
CVE-2019-20141: WordPress Laborator Neon Theme 2.0 – Cross-Site Scripting
漏洞标题 CVE-2019-20141: WordPress Laborator Neon Theme 2.0 - Cross-Site Scripting 漏洞描述 WordPress Laborator Neon theme 2.0 contains a cross-site scripting vulnerability via the...
CVE-2020-15415: DrayTek Vigor – Command Injection
漏洞标题 CVE-2020-15415: DrayTek Vigor - Command Injection 漏洞描述 DrayTek Vigor devices contain a command injection vulnerability in the cvmcfgupload functionality. The vulnerabi...






