漏洞标题 CVE-2016-10033: WordPress PHPMailer < 5.2.18 - Remote Code Execution 漏洞描述 WordPress PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to...

漏洞标题 CVE-2020-26217: XStream <1.4.14 - Remote Code Execution 漏洞描述 XStream before 1.4.14 is susceptible to remote code execution. An attacker can run arbitrary shell comm...

漏洞标题 CVE-2023-34990: FortiWLM - Directory Traversal 漏洞描述 A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker ...

漏洞标题 CVE-2024-2771: Contact Form Plugin by Fluent Forms < 5.1.17 - Unauthenticated Limited Privilege Escalation 漏洞描述 The plugin is vulnerable to privilege escalation due...

漏洞标题 CVE-2008-6172: Joomla! Component RWCards 3.0.11 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in captcha/captcha_image.php in the RWCards (com_rwcard...

漏洞标题 CVE-2024-50477: WordPress Stacks Mobile App Builder <=5.2.3 - Authentication Bypass 漏洞描述 Stacks Mobile App Builder WordPress plugin ≤ 5.2.3 suffers from an authent...

这篇文章主要介绍了docker 内存监控与压测方式，具有很好的参考价值，希望对大家有所帮助。一起跟随小编过来看看吧 一直运行的docker容器显示内存已经耗尽，并且容器内存耗尽也没出现重启情况，...

漏洞标题 CVE-2020-10546: rConfig 3.9.4 - SQL Injection 漏洞描述 rConfig 3.9.4 and previous versions have unauthenticated compliancepolicies.inc.php SQL injection. Because nodes...

漏洞标题 CVE-2023-27638: tshirtecommerce PrestaShop Module - SQL Injection 漏洞描述 The tshirtecommerce module for PrestaShop is vulnerable to unauthenticated SQL injection via the...

漏洞标题 CVE-2023-0669: Fortra GoAnywhere MFT - Remote Code Execution 漏洞描述 Fortra GoAnywhere MFT is susceptible to remote code execution via unsafe deserialization of an arbitr...

漏洞标题 CVE-2019-6703: Total Donations Plugin for WordPress < 2.0.6 - Arbitrary Options Update 漏洞描述 Incorrect access control in migla_ajax_functions.php in the Calmar Webme...

漏洞标题 CVE-2014-5368: WordPress Plugin WP Content Source Control - Directory Traversal 漏洞描述 A directory traversal vulnerability in the file_get_contents function in downloadf...

本文转载于公众号：融云攻防实验室，原文地址： 漏洞复现 DEDECMS后台任意文件上传 织梦内容管理系统(Dedecms)是一款PHP开源网站管理系统。该漏洞利用需要登录后台,并且后台的账户权限是管理员...

漏洞标题 CVE-2021-4449: ZoomSounds Plugin - Unauthenticated Arbitrary File Upload 漏洞描述 ZoomSounds plugin for WordPress contains a file upload vulnerability in savepng.php PoC代...

漏洞标题 CVE-2019-8943: WordPress Core 5.0.0 - Crop-image Shell Upload 漏洞描述 WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to...

漏洞标题 CVE-2018-1000600: Jenkins GitHub Plugin <=1.29.1 - Server-Side Request Forgery 漏洞描述 Jenkins GitHub Plugin 1.29.1 and earlier is susceptible to server-side request f...