漏洞标题 CVE-2019-14750: osTicket < 1.12.1 - Cross-Site Scripting 漏洞描述 An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. Stored XSS exists in setup...

漏洞标题 CVE-2022-3484: WordPress WPB Show Core - Cross-Site Scripting 漏洞描述 WordPress wpb-show-core plugin through TODO contains a cross-site scripting vulnerability. The plugi...

漏洞标题 CVE-2017-18530: Rating by BestWebSoft < 0.2 - Cross-Site Scripting 漏洞描述 The rating-bws plugin before 0.2 for WordPress has multiple XSS issues. PoC代码

漏洞标题 CVE-2025-34077: WordPress Pie Register <= 3.7.1.4 - Authentication Bypass 漏洞描述 An authentication bypass vulnerability exists in the WordPress Pie Register plugin ≤...

漏洞标题 CVE-2023-38879: openSIS v9.0 - Path Traversal 漏洞描述 A path traversal vulnerability exists in openSIS Classic Community Edition v9.0 via the 'filename' paramet...

漏洞标题 CVE-2025-6174: WordPress Qwizcards < 3.95 - Cross-Site Scripting (Reflected) 漏洞描述 The WordPress Qwizcards plugin before version 3.95 does not sanitise and escape th...

漏洞标题 CVE-2021-39316: WordPress DZS Zoomsounds <=6.50 - Local File Inclusion 漏洞描述 WordPress Zoomsounds plugin 6.45 and earlier allows arbitrary files, including sensitive...

漏洞标题 CVE-2020-9376: D-Link DIR-610 Devices - Information Disclosure 漏洞描述 D-Link DIR-610 devices allow information disclosure via SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=...

漏洞标题 (CVE-2020-5410) Spring Cloud Config 目录遍历漏洞 漏洞描述 (CVE-2020-5410) Spring Cloud Config 目录遍历漏洞 PoC代码 暂无

漏洞标题 CVE-2015-4074: Joomla! Helpdesk Pro plugin <1.4.0 - Local File Inclusion 漏洞描述 Directory traversal vulnerability in the Helpdesk Pro plugin before 1.4.0 for Joomla! ...

漏洞标题 CVE-2019-14974: SugarCRM Enterprise 9.0.0 - Cross-Site Scripting 漏洞描述 SugarCRM Enterprise 9.0.0 contains a cross-site scripting vulnerability via mobile/error-not-supp...

漏洞标题 CVE-2021-40539 Zoho ManageEngine ADSelfService Plus存在远程代码执行漏洞 漏洞描述 CVE-2021-40539 Zoho ManageEngine ADSelfService Plus存在远程代码执行漏洞 PoC代码 暂无

3月1日，DevOps平台提供商JFrog安全研究团队披露了PJSIP中的五个安全漏洞，攻击者可以利用这些漏洞在运行使用该库的应用程序的设备上执行任意代码，或致使拒绝服务。PJSIP 是一个用 C 语言编写...

漏洞标题 CVE-2025-55523: Agent-Zero 0.8.0 - 0.9.4 - Arbitrary File Download 漏洞描述 Agent-Zero v0.8.0 - 0.9.4 contains a path traversal caused by improper validation in /api/downl...

漏洞标题 CVE-2024-3822: Base64 Encoder/Decoder <= 0.9.2 - Cross-Site Scripting 漏洞描述 The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not sanitise and escape a ...

漏洞标题 CVE-2023-27292: OpenCATS - Open Redirect 漏洞描述 OpenCATS contains an open redirect vulnerability due to improper validation of user-supplied GET parameters. This, in tur...