漏洞标题 CVE-2017-17762: Episerver 7 - Blind XML External Entity Injection 漏洞描述 Episerver 7 patch 4 and earlier contains an XML external entity (XXE) caused by processing craft...

漏洞标题 CVE-2025-25062: Backdrop CMS - Cross-Site Scripting 漏洞描述 An XSS issue was discovered in Backdrop CMS 1.28.x before 1.28.5 and 1.29.x before 1.29.3. It doesn't suf...

漏洞标题 CVE-2021-41432: FlatPress 1.2.1 - Stored Cross-Site Scripting 漏洞描述 FlatPress 1.2.1 contains a stored cross-site scripting vulnerability that allows for arbitrary execu...

漏洞标题 CVE-2011-3171: Pure-FTPd ≤ 1.0.22 - Directory Traversal 漏洞描述 Pure-FTPd versions ≤ 1.0.22 (and earlier) contain a directory traversal vulnerability when the "Net...

漏洞标题 CVE-2023-2813: Wordpress Multiple Themes - Reflected Cross-Site Scripting 漏洞描述 All of the above Aapna WordPress theme through 1.3, Anand WordPress theme through 1.2, A...

漏洞标题 CVE-2021-24285: WordPress Car Seller - Auto Classifieds Script - SQL Injection 漏洞描述 The request_list_request AJAX call of the Car Seller - Auto Classifieds Script Word...

漏洞标题 CVE-2020-9344: Jira Subversion ALM for Enterprise <8.8.2 - Cross-Site Scripting 漏洞描述 Jira Subversion ALM for Enterprise before 8.8.2 contains a cross-site scripting...

漏洞标题 CVE-2022-3982: WordPress Booking Calendar <3.2.2 - Arbitrary File Upload 漏洞描述 WordPress Booking Calendar plugin before 3.2.2 is susceptible to arbitrary file upload...

漏洞标题 CVE-2017-14849: Node.js <8.6.0 - Directory Traversal 漏洞描述 Node.js before 8.6.0 allows remote attackers to access unintended files because a change to ".."...

漏洞标题 CVE-2021-44529: Ivanti EPM Cloud Services Appliance Code Injection 漏洞描述 Ivanti EPM Cloud Services Appliance (CSA) before version 4.6.0-512 is susceptible to a code inj...

漏洞标题 CVE-2023-24657: phpIPAM - 1.6 - Cross-Site Scripting 漏洞描述 phpIPAM 1.6 contains a cross-site scripting vulnerability via the closeClass parameter at /subnet-masks/popup...

漏洞标题 CVE-2024-21644: pyLoad Flask Config - Access Control 漏洞描述 pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can brow...

漏洞标题 CVE-2013-2251: Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution (S2-016) 漏洞描述 In Struts 2 before 2.3.15.1 the information following "action:&quo...

HTTP协议简介 超文本传输协议（英文：HyperText Transfer Protocol，缩写：HTTP）是一种用于分布式、协作式和超媒体信息系统的应用层协议。HTTP是万维网的数据通信的基础。 HTTP的发...

漏洞标题 CVE-2010-1313: Joomla! Component Saber Cart 1.0.0.12 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the Seber Cart (com_sebercart) component 1.0.0....

漏洞标题 CVE-2020-11110: Grafana <= 6.7.1 - Cross-Site Scripting 漏洞描述 Grafana through 6.7.1 contains an unauthenticated stored cross-site scripting vulnerability due to insu...