漏洞标题 CVE-2021-36260: Hikvision IP camera/NVR - Remote Command Execution 漏洞描述 Certain Hikvision products contain a command injection vulnerability in the web server due to t...

漏洞标题 CVE-2020-25864: HashiCorp Consul/Consul Enterprise <=1.9.4 - Cross-Site Scripting 漏洞描述 HashiCorp Consul and Consul Enterprise up to version 1.9.4 are vulnerable to ...

漏洞标题 CVE-2023-41621: Emlog Pro v2.1.14 - Cross-Site Scripting 漏洞描述 Cross Site Scripting (XSS) vulnerability in Emlog Pro v2.1.14 via /admin/store.php. PoC代码

漏洞标题 Adobe Commerce CVE-2024-34102 XML外部实体注入漏洞 漏洞描述 Adobe Commerce 存在XML外部实体注入漏洞，此漏洞是由于程序未充分验证用户输入estimate-shipping-methods的数据所导致...

漏洞标题 CVE-2018-9118: WordPress 99 Robots WP Background Takeover Advertisements <=4.1.4 - Local File Inclusion 漏洞描述 WordPress 99 Robots WP Background Takeover Advertisemen...

漏洞标题 CVE-2014-8799: WordPress Plugin DukaPress 2.5.2 - Directory Traversal 漏洞描述 A directory traversal vulnerability in the dp_img_resize function in php/dp-functions.php in...

漏洞标题 CVE-2020-23697: Monstra CMS 3.0.4 - Cross-Site Scripting 漏洞描述 Monstra CMS 3.0.4 contains a cross-site scripting vulnerability via the page feature in admin/index.php. ...

漏洞标题 CVE-2025-44136: MapTiler Tileserver-php v2.0 - Unauthenticated XSS 漏洞描述 MapTiler Tileserver-php v2.0 contains a reflected XSS caused by unencoded reflection of the GET...

漏洞标题 CVE-2022-45362: WordPress Paytm Payment Gateway <=2.7.0 - Server-Side Request Forgery 漏洞描述 WordPress Paytm Payment Gateway plugin through 2.7.0 contains a server-si...

漏洞标题 CVE-2022-2756: Kavita <0.5.4.1 - Server-Side Request Forgery 漏洞描述 Kavita before 0.5.4.1 is susceptible to server-side request forgery in GitHub repository kareadita...

漏洞标题 CVE-2012-4768: WordPress Plugin Download Monitor < 3.3.5.9 - Cross-Site Scripting 漏洞描述 A cross-site scripting vulnerability in the Download Monitor plugin before 3....

漏洞标题 CVE-2021-28150: Hongdian H8922 3.0.5 - Information Disclosure 漏洞描述 Hongdian H8922 3.0.5 is susceptible to information disclosure. An attacker can access cli.conf (with...

漏洞标题 CVE-2020-26217: XStream <1.4.14 - Remote Code Execution 漏洞描述 XStream before 1.4.14 is susceptible to remote code execution. An attacker can run arbitrary shell comm...

漏洞标题 CVE-2020-36836: WordPress WP Fastest Cache <= 0.9.0.2 - Authenticated Arbitrary File Deletion 漏洞描述 The WP Fastest Cache plugin for WordPress is vulnerable to unauth...

漏洞标题 CVE-2025-2747: Kentico Xperience 13 CMS - Staging Service Authentication Bypass (WT-2025-0006) 漏洞描述 An authentication bypass vulnerability in Kentico Xperience allows ...

漏洞标题 CVE-2018-1000129: Jolokia 1.3.7 - Cross-Site Scripting 漏洞描述 Jolokia 1.3.7 is vulnerable to cross-site scripting in the HTTP servlet and allows an attacker to execute m...