漏洞标题 CVE-2022-3768: WordPress WPSmartContracts <1.3.12 - SQL Injection 漏洞描述 WordPress WPSmartContracts plugin before 1.3.12 contains a SQL injection vulnerability. The p...

漏洞标题 CVE-2022-40879: kkFileView 4.1.0 - Cross-Site Scripting 漏洞描述 kkFileView 4.1.0 contains multiple cross-site scripting vulnerabilities via the errorMsg parameter. An att...

漏洞标题 CVE-2018-10093: AudioCodes 420HD - Remote Code Execution 漏洞描述 AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow remote code execution. PoC代码

漏洞标题 CVE-2014-8799: WordPress Plugin DukaPress 2.5.2 - Directory Traversal 漏洞描述 A directory traversal vulnerability in the dp_img_resize function in php/dp-functions.php in...

漏洞标题 CVE-2021-4462: Employee Records System 1.0 - Unauthenticated File Upload RCE 漏洞描述 Employee Records System version 1.0 contains an unrestricted file upload vulnerabilit...

漏洞标题 CVE-2024-40711: Veeam Backup & Replication - Unauthenticated 漏洞描述 A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthent...

漏洞标题 CVE-2022-47986: IBM Aspera Faspex <=4.4.2 PL1 - Remote Code Execution 漏洞描述 IBM Aspera Faspex through 4.4.2 Patch Level 1 is susceptible to remote code execution via...

漏洞标题 CVE-2025-2747: Kentico Xperience 13 CMS - Staging Service Authentication Bypass (WT-2025-0006) 漏洞描述 An authentication bypass vulnerability in Kentico Xperience allows ...

漏洞标题 CVE-2024-28397: pyload-ng js2py - Remote Code Execution 漏洞描述 An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitr...

漏洞标题 CVE-2022-0867: WordPress ARPrice <3.6.1 - SQL Injection 漏洞描述 WordPress ARPrice plugin prior to 3.6.1 contains a SQL injection vulnerability. It fails to properly sa...

漏洞标题 CVE-2019-16920: D-Link Routers - Remote Code Execution 漏洞描述 D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565 contain an unauthenticated remote code ex...

漏洞标题 CVE-2024-2879: WordPress Plugin LayerSlider 7.9.11-7.10.0 - SQL Injection 漏洞描述 The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup...

漏洞标题 CVE-2025-6403: Code-Projects School Fees Payment System 1.0 - SQL Injection 漏洞描述 A vulnerability was found in code-projects School Fees Payment System 1.0. It has been...

漏洞标题 CVE-2024-33326: LumisXP - Cross-site Scripting 漏洞描述 A cross-site scripting (XSS) vulnerability in the XsltResultControllerHtml.jsp component of LumisXP v15.0.x to v16....

漏洞标题 CVE-2021-44077: Zoho ManageEngine ServiceDesk Plus - Remote Code Execution 漏洞描述 Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and...

漏洞标题 CVE-2014-6287: HTTP File Server <2.3c - Remote Command Execution 漏洞描述 HTTP File Server before 2.3c is susceptible to remote command execution. The findMacroMarker f...