漏洞标题 CVE-2018-1000861: Jenkins - Remote Command Injection 漏洞描述 Jenkins 2.153 and earlier and LTS 2.138.3 and earlier are susceptible to a remote command injection via stapl...

漏洞标题 CVE-2023-27640: PrestaShop tshirtecommerce - Directory Traversal 漏洞描述 The Custom Product Designer (tshirtecommerce) module for PrestaShop allows HTTP requests to be fo...

漏洞标题 CVE-2022-0651: WordPress Plugin WP Statistics <= 13.1.5 - SQL Injection 漏洞描述 The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient e...

漏洞标题 CVE-2024-2876: Wordpress Email Subscribers by Icegram Express - SQL Injection 漏洞描述 The Email Subscribers by Icegram Express - Email Marketing, Newsletters, Automation ...

漏洞标题 CVE-2019-19823: TOTOLINK/Realtek Routers - Information Disclosure 漏洞描述 A certain router administration interface using Realtek APMIB (e.g., on TOTOLINK models) allows ...

漏洞标题 CVE-2018-16133: Cybrotech CyBroHttpServer 1.0.3 - Local File Inclusion 漏洞描述 Cybrotech CyBroHttpServer 1.0.3 is vulnerable to local file inclusion in the URI. PoC代码

漏洞标题 CVE-2020-35951: Wordpress Quiz and Survey Master <7.0.1 - Arbitrary File Deletion 漏洞描述 Wordpress Quiz and Survey Master <7.0.1 allows users to delete arbitrary f...

漏洞标题 CVE-2024-1208: LearnDash LMS < 4.10.3 - Sensitive Information Exposure 漏洞描述 The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure i...

漏洞标题 CVE-2021-34624: WordPress ProfilePress 3.0-3.1.3 - Arbitrary File Upload 漏洞描述 A vulnerability in the file uploader component found in the ~/src/Classes/FileUploader.ph...

漏洞标题 CVE-2023-43261: Milesight Routers - Information Disclosure 漏洞描述 A critical security vulnerability has been identified in Milesight Industrial Cellular Routers, comprom...

漏洞标题 CVE-2025-30220: GeoServer WFS - XXE Processing Vulnerability 漏洞描述 GeoServer Web Feature Service (WFS) is vulnerable to an XML External Entity (XXE) processing attack d...

漏洞标题 CVE-2016-4977: Spring Security OAuth2 Remote Command Execution 漏洞描述 Spring Security OAuth versions 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5 contain a remote command execution...

漏洞标题 CVE-2024-2473: WPS Hide Login <= 1.9.15.2 - Login Page Disclosure 漏洞描述 The WPS Hide Login plugin for WordPress is vulnerable to Login Page Disclosure in all version...

漏洞标题 CVE-2021-28854: VICIdial Sensitive Information Disclosure 漏洞描述 VICIdial's Web Client is susceptible to information disclosure because it contains many sensitive f...

漏洞标题 CVE-2021-24169: WordPress Advanced Order Export For WooCommerce <3.1.8 - Authenticated Cross-Site Scripting 漏洞描述 WordPress Advanced Order Export For WooCommerce plu...

漏洞标题 Apache Tomcat CVE-2023-46589 请求走私漏洞 漏洞描述 Apache Tomcat存在请求走私漏洞，该漏洞是由于应用程序对chunck传输的异常数据缺乏验证导致的。 PoC代码 暂无