漏洞标题 Apache Tomcat Ajp webapp 任意文件读取漏洞(CVE-2020-1938) 漏洞描述 ApacheTomcat会开启AJP连接器,方便与其他Web服务器通过AJP协议进行交互。由于Tomcat本身也内含了HTTP服务器，因...

漏洞标题 CVE-2023-6553: Worpress Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution 漏洞描述 The Backup Migration plugin for WordPress is vulnerable to Remote Cod...

日本科技巨头松下（Panasonic）在上周五发布了一份声明，承认其服务器遭到了入侵，有未知的第三方非法访问了其技术文件和业务合作伙伴信息。松下在新闻稿中称其首次于11月11日发现入侵，但据日...

漏洞标题 CVE-2019-1821: Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager - Remote Code Execution 漏洞描述 Cisco Prime Infrastructure (PI) and Cisco Evolved...

漏洞标题 Apache Struts2(S2-062)远程代码执行漏洞(CVE-2021-31805) 漏洞描述 Apache Struts2框架是一个用于开发Java EE网络应用程序的Web框架。Apache Struts< 2.5.30存在OGNL表达式注入漏...

漏洞标题 CVE-2019-5127: YouPHPTube Encoder 2.3 - Remote Command Injection 漏洞描述 YouPHPTube Encoder 2.3 is susceptible to a command injection vulnerability which could allow an a...

漏洞标题 CVE-2018-15138: LG-Ericsson iPECS NMS 30M - Local File Inclusion 漏洞描述 Ericsson-LG iPECS NMS 30M allows local file inclusion via ipecs-cm/download?filename=../ URIs. Po...

漏洞标题 CVE-2022-29464: WSO2 Management - Arbitrary File Upload & Remote Code Execution 漏洞描述 Certain WSO2 products allow unrestricted file upload with resultant remote cod...

漏洞标题 CVE-2024-3656: Keycloak < 24.0.5 - Broken Access Control 漏洞描述 A flaw was found in Keycloak. Certain endpoints in Keycloak's admin REST API allow low-privilege ...

漏洞标题 CVE-2017-9506: Atlassian Jira IconURIServlet - Cross-Site Scripting/Server-Side Request Forgery 漏洞描述 The Atlassian Jira IconUriServlet of the OAuth Plugin from version...

漏洞标题 CVE-2025-61757: Oracle Identity Manager REST WebServices - Authentication Bypass 漏洞描述 Vulnerability in the Identity Manager product of Oracle Fusion Middleware (compon...

漏洞标题 CVE-2022-28666: Custom Product Tabs for WooCommerce < 1.7.8 - Unauthenticated Toggle Content Setting Update 漏洞描述 YIKES Inc. Custom Product Tabs for WooCommerce plug...

漏洞标题 CVE-2024-23917: JetBrains TeamCity > 2023.11.3 - Authentication Bypass 漏洞描述 In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible...

漏洞标题 CVE-2020-35847: Agentejo Cockpit <0.11.2 - NoSQL Injection 漏洞描述 Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword func...

漏洞标题 CVE-2008-6172: Joomla! Component RWCards 3.0.11 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in captcha/captcha_image.php in the RWCards (com_rwcard...

漏洞标题 Apache Airflow CVE-2020-11978远程代码执行漏洞 漏洞描述 Apache Airflow存在远程代码执行漏洞，此漏洞是缺乏验证导致的。 PoC代码 暂无