漏洞标题 CVE-2022-47075: Smart Office Web 20.28 - Information Disclosure 漏洞描述 An issue was discovered in Smart Office Web 20.28 and earlier allows attackers to download sensiti...

漏洞标题 CVE-2024-28397: pyload-ng js2py - Remote Code Execution 漏洞描述 An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitr...

漏洞标题 CVE-2025-45985: Blink Router - Command Injection 漏洞描述 Blink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0,...

漏洞标题 CVE-2023-30192: PrestaShop 'possearchproducts' <= 1.7 - SQL Injection 漏洞描述 In the module “Search Products” (possearchproducts) from PosThemes for Presta...

漏洞标题 CVE-2019-5129: YouPHPTube Encoder 2.3 - Command Injection 漏洞描述 Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing en...

漏洞标题 CVE-2021-21972: VMware vSphere Client (HTML5) - Remote Code Execution 漏洞描述 VMware vCenter vSphere Client (HTML5) contains a remote code execution vulnerability in a vC...

漏洞标题 CVE-2024-3495: Wordpress Country State City Dropdown <=2.7.2 - SQL Injection 漏洞描述 The Country State City Dropdown CF7 plugin for WordPress is vulnerable to SQL Inje...

漏洞标题 CVE-2016-1000134: WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting 漏洞描述 WordPress HDW Video Gallery 1.2 and before contains a cross-site scripting vulnerabi...

漏洞标题 CVE-2024-24329: TotoLink Router setPortForwardRules - Command Injection 漏洞描述 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vuln...

漏洞标题 CVE-2022-4321: PDF Generator for WordPress < 1.1.2 - Cross Site Scripting 漏洞描述 The plugin includes a vendored dompdf example file which is susceptible to Reflected ...

漏洞标题 Apache OFBiz CVE-2024-38856 未授权代码执行漏洞 漏洞描述 Apache OFBiz存在未授权代码执行漏洞，该漏洞是由于ProgramExport接口对用户的权限校验不当导致的。 PoC代码 暂无

漏洞标题 Amcrest IP Camera Web Sha1Account1 账号密码泄漏漏洞(CVE-2017-8229) 漏洞描述 Amcrest IP Camera Web是Amcrest公司的一款无线IP摄像头，设备允许未经身份验证的攻击者下载管理凭据...

漏洞标题 CVE-2021-22873: Revive Adserver <5.1.0 - Open Redirect 漏洞描述 Revive Adserver before 5.1.0 contains an open redirect vulnerability via the dest, oadest, and ct0 param...

漏洞标题 CVE-2017-17736: Kentico - Installer Privilege Escalation 漏洞描述 Kentico 9.0 before 9.0.51 and 10.0 before 10.0.48 are susceptible to a privilege escalation attack. An at...

漏洞标题 CVE-2015-4062: WordPress NewStatPress 0.9.8 - SQL Injection 漏洞描述 WordPress NewStatPress 0.9.8 plugin contains a SQL injection vulnerability in includes/nsp_search.php....

漏洞标题 CVE-2022-46934: kkFileView 4.1.0 - Cross-Site Scripting 漏洞描述 kkFileView 4.1.0 is susceptible to cross-site scripting via the url parameter at /controller/OnlinePreview...