漏洞标题 CVE-2020-22208: 74cms - ajax_street.php 'x' SQL Injection 漏洞描述 SQL Injection in 74cms 3.2.0 via the x parameter to plus/ajax_street.php. PoC代码

漏洞标题 CVE-2023-4173: mooSocial 3.1.8 - Reflected XSS 漏洞描述 A vulnerability, which was classified as problematic, was found in mooSocial mooStore 3.1.6. Affected is an unknown...

漏洞标题 CVE-2018-15961: Adobe ColdFusion - Unrestricted File Upload Remote Code Execution 漏洞描述 Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlie...

漏洞标题 CVE-2019-20183: Simple Employee Records System 1.0 - Unrestricted File Upload 漏洞描述 Simple Employee Records System 1.0 contains an arbitrary file upload vulnerability d...

漏洞标题 CVE-2015-1503: IceWarp Mail Server <11.1.1 - Directory Traversal 漏洞描述 IceWarp Mail Server versions prior to 11.1.1 suffer from a directory traversal vulnerability. ...

漏洞标题 CVE-2022-2488: Wavlink WN535K2/WN535K3 - OS Command Injection 漏洞描述 Wavlink WN535K2 and WN535K3 routers are susceptible to OS command injection in /cgi-bin/touchlist_sy...

漏洞标题 CVE-2012-4242: WordPress Plugin MF Gig Calendar 0.9.2 - Cross-Site Scripting 漏洞描述 A cross-site scripting vulnerability in the MF Gig Calendar plugin 0.9.2 for WordPres...

漏洞标题 chamilo model.ajax.php 存在sql注入漏洞 (CVE-2021-34187) 漏洞描述 Chamilo是一个开源的在线学习管理系统（LMS），用于创建和管理在线课程、培训和考试。它提供了一个完整的学习环境...

漏洞标题 CVE-2024-25852: Linksys RE7000 - Command Injection 漏洞描述 Linksys RE7000 v2.0.9, v2.0.11, and v2.0.15 have a command execution vulnerability in the "AccessControlLi...

漏洞标题 CVE-2025-24354: Imgproxy < 3.27.2 - Server-Side Request Forgery (SSRF) 漏洞描述 imgproxy contains an issue caused by not blocking the 0.0.0.0 address even when IMGPROXY...

漏洞标题 CVE-2018-20463: WordPress JSmol2WP <=1.07 - Local File Inclusion 漏洞描述 WordPress JSmol2WP plugin 1.07 is susceptible to local file inclusion via ../ directory traver...

漏洞标题 CVE-2019-12581: Zyxel ZyWal/USG/UAG Devices - Cross-Site Scripting 漏洞描述 Zyxel ZyWall, USG, and UAG devices allow remote attackers to inject arbitrary web script or HTM...

漏洞标题 CVE-2023-23488: WordPress Paid Memberships Pro <2.9.8 - Blind SQL Injection 漏洞描述 WordPress Paid Memberships Pro plugin before 2.9.8 contains a blind SQL injection v...

漏洞标题 H3C Magic NX系列设备存在远程命令执行漏洞（CVE-2025-2725） 漏洞描述 H3C Magic NX系列设备（包括Magic NX15、Magic NX30 Pro、Magic NX400），以及Magic R系列设备（如MagicR3010）...

漏洞标题 CVE-2020-9402: Django SQL Injection 漏洞描述 Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allow SQL injection if untrusted data is used as a toleran...

漏洞标题 CVE-2021-37416: Zoho ManageEngine ADSelfService Plus <=6103 - Cross-Site Scripting 漏洞描述 Zoho ManageEngine ADSelfService Plus 6103 and prior contains a reflected cro...