漏洞标题 CVE-2011-5265: Featurific For WordPress 1.6.2 - Cross-Site Scripting 漏洞描述 A cross-site scripting vulnerability in cached_image.php in the Featurific For WordPress plug...

漏洞标题 CVE-2022-32195: Open edX <2022-06-06 - Cross-Site Scripting 漏洞描述 Open edX before 2022-06-06 contains a reflected cross-site scripting vulnerability via the 'ne...

漏洞标题 CVE-2022-34590: Hospital Management System 1.0 - SQL Injection 漏洞描述 Hospital Management System 1.0 contains a SQL injection vulnerability via the editid parameter in /...

漏洞标题 CVE-2023-1454: Jeecg-boot 3.5.0 qurestSql - SQL Injection 漏洞描述 A vulnerability classified as critical has been found in jeecg-boot 3.5.0. This affects an unknown part ...

漏洞标题 CVE-2022-1168: WordPress WP JobSearch <1.5.1 - Cross-Site Scripting 漏洞描述 WordPress WP JobSearch plugin prior to 1.5.1 contains a cross-site scripting vulnerability....

漏洞标题 CVE-2021-44228: Apache Log4j2 Remote Code Injection 漏洞描述 Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect aga...

漏洞标题 CVE-2012-0392: Apache Struts2 S2-008 RCE 漏洞描述 The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows r...

对象存储桶配置不当可查看对象列表漏洞的成因是'网站所使用的对象存储桶访问权限为共有读而非私有',在弄清这个原因之前我们先分析一下对象存储桶的权限策略 这里我拿华为云的对象存储桶来说明 ...

漏洞标题 CVE-2023-3847: MooDating 1.2 - Cross-Site scripting 漏洞描述 A vulnerability classified as problematic was found in mooSocial mooDating 1.2. This vulnerability affects unk...

漏洞标题 CVE-2014-8799: WordPress Plugin DukaPress 2.5.2 - Directory Traversal 漏洞描述 A directory traversal vulnerability in the dp_img_resize function in php/dp-functions.php in...

漏洞标题 CVE-2021-24335: WordPress Car Repair Services & Auto Mechanic Theme <4.0 - Cross-Site Scripting 漏洞描述 WordPress Car Repair Services & Auto Mechanic before 4....

漏洞标题 CVE-2022-0656: uDraw <3.3.3 - Local File Inclusion 漏洞描述 uDraw before 3.3.3 does not validate the url parameter in its udraw_convert_url_to_base64 AJAX action (avail...

漏洞标题 CVE-2010-1312: Joomla! Component News Portal 1.5.x - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the iJoomla News Portal (com_news_portal) compone...

漏洞标题 CVE-2020-14883: Oracle Fusion Middleware WebLogic Server Administration Console - Remote Code Execution 漏洞描述 The Oracle Fusion Middleware WebLogic Server admin console...

漏洞标题 CVE-2021-24488: WordPress Post Grid <2.1.8 - Cross-Site Scripting 漏洞描述 WordPress Post Grid plugin before 2.1.8 contains a reflected cross-site scripting vulnerabili...

漏洞标题 CVE-2021-37416: Zoho ManageEngine ADSelfService Plus <=6103 - Cross-Site Scripting 漏洞描述 Zoho ManageEngine ADSelfService Plus 6103 and prior contains a reflected cro...