漏洞标题 CVE-2025-5394: Unauthenticated Arbitrary Plugin Upload in Alone Theme 漏洞描述 The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerab...

漏洞标题 CVE-2024-10571: Chartify – WordPress Chart Plugin < 2.9.6 - Local File Inclusion 漏洞描述 The Chartify – WordPress Chart Plugin plugin for WordPress is vulnerable to ...

漏洞标题 Apache Solr /solr/admin/info/properties:/admin/info/key 权限绕过漏洞（CVE-2024-45216） 漏洞描述 Apache Solr是一个开源搜索服务器，使用Java语言开发，主要基于HTTP和Apache Luc...

漏洞标题 CVE-2024-3822: Base64 Encoder/Decoder <= 0.9.2 - Cross-Site Scripting 漏洞描述 The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not sanitise and escape a ...

漏洞标题 (CVE-2022-0540) Atlassian Jira Seraph 身份验证绕过漏洞 漏洞描述 (CVE-2022-0540) Atlassian Jira Seraph 身份验证绕过漏洞 PoC代码 暂无

漏洞标题 CVE-2024-7313: Shield Security Plugin < 20.0.6 - Cross-Site Scripting 漏洞描述 The Shield Security WordPress plugin before 20.0.6 contains a reflected cross-site script...

漏洞标题 CVE-2019-6703: Total Donations Plugin for WordPress < 2.0.6 - Arbitrary Options Update 漏洞描述 Incorrect access control in migla_ajax_functions.php in the Calmar Webme...

漏洞标题 CVE-2021-25297: Nagios 5.5.6-5.7.5 - Authenticated Remote Command Injection 漏洞描述 Nagios XI 5.5.6 through 5.7.5 is susceptible to authenticated remote command injection...

漏洞标题 CVE-2022-29272: Nagios XI <5.8.5 - Open Redirect 漏洞描述 Nagios XI through 5.8.5 contains an open redirect vulnerability in the login function. An attacker can redirec...

漏洞标题 CVE-2021-22005: VMware vCenter Server - Arbitrary File Upload 漏洞描述 VMware vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A ma...

漏洞标题 CVE-2022-1933: WordPress CDI <5.1.9 - Cross Site Scripting 漏洞描述 WordPress CDI plugin prior to 5.1.9 contains a cross-site scripting vulnerability. The plugin does n...

漏洞标题 Apache mod_proxy SSRF（CVE-2021-40438） 漏洞描述 Apache提供了mod_proxy模块用于提供代理服务，能够支持的包括正向代理、反向代理、透明代理、缓存、负载均衡，HTTP代理、FTP代理、...

漏洞标题 CVE-2018-3714: node-srv - Local File Inclusion 漏洞描述 node-srv is vulnerable to local file inclusion due to lack of url validation, which allows a malicious user to read...

漏洞标题 CVE-2021-29490: Jellyfin 10.7.2 - Server Side Request Forgery 漏洞描述 Jellyfin is a free software media system. Versions 10.7.2 and below are vulnerable to unauthenticate...

漏洞标题 CVE-2015-4694: WordPress Zip Attachments <= 1.1.4 - Arbitrary File Retrieval 漏洞描述 WordPress zip-attachments plugin allows arbitrary file retrieval as it does not ch...

漏洞标题 CVE-2018-16716: NCBI ToolBox - Directory Traversal 漏洞描述 NCBI ToolBox 2.0.7 through 2.2.26 legacy versions contain a path traversal vulnerability via viewcgi.cgi which ...