漏洞标题 CVE-2023-3380: WAVLINK WN579X3 - Remote Command Execution 漏洞描述 Remote Command Execution vulnerability in WAVLINK WN579X3 routers via pingIp parameter in /cgi-bin/adm.c...

漏洞标题 CVE-2010-1313: Joomla! Component Saber Cart 1.0.0.12 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the Seber Cart (com_sebercart) component 1.0.0....

漏洞标题 CVE-2020-16139: Cisco Unified IP Conference Station 7937G - Denial-of-Service 漏洞描述 Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers t...

漏洞标题 Atlassian Confluence /json/setup-restore.action 文件上传漏洞（CVE-2023-22518） 漏洞描述 Atlassian Confluence是一款企业知识管理与协作软件。该漏洞存在于Atlassian Confluence...

漏洞标题 CVE-2019-17662: ThinVNC 1.0b1 - Authentication Bypass 漏洞描述 ThinVNC 1.0b1 is vulnerable to arbitrary file read, which leads to a compromise of the VNC server. The vulne...

漏洞标题 CVE-2025-54125: XWiki XML View - Sensitive Information Exposure 漏洞描述 A vulnerability in XWiki's XML view functionality exposes sensitive information such as passw...

漏洞标题 (CVE-2025-4123) Grafana 路径遍历与开放重定向导致的跨站脚本漏洞 漏洞描述 (CVE-2025-4123) Grafana 路径遍历与开放重定向导致的跨站脚本漏洞 PoC代码 暂无

漏洞标题 CVE-2021-25055: WordPress FeedWordPress < 2022.0123 - Authenticated Cross-Site Scripting 漏洞描述 The plugin is affected by a cross-site scripting vulnerability within ...

漏洞标题 CVE-2022-26148: Grafana & Zabbix Integration - Credentials Disclosure 漏洞描述 Grafana through 7.3.4, when integrated with Zabbix, contains a credential disclosure vul...

漏洞标题 CVE-2023-3578: DedeCMS 5.7.109 - Server-Side Request Forgery 漏洞描述 Manipulation of the rssurl parameter in co_do.php leads to server-side request forgery in DedeCMS ver...

漏洞标题 CVE-2023-3849: mooDating 1.2 - Cross-site scripting 漏洞描述 A vulnerability, which was classified as problematic, was found in mooSocial mooDating 1.2. Affected is an unk...

漏洞标题 CVE-2019-1821: Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager - Remote Code Execution 漏洞描述 Cisco Prime Infrastructure (PI) and Cisco Evolved...

漏洞标题 CVE-2020-10546: rConfig 3.9.4 - SQL Injection 漏洞描述 rConfig 3.9.4 and previous versions have unauthenticated compliancepolicies.inc.php SQL injection. Because nodes...

漏洞标题 CVE-2021-3287: Zoho ManageEngine OpManager < 12.5.329 - Remote Code Execution 漏洞描述 Zoho ManageEngine OpManager before 12.5.329 contains a remote code execution caus...

在安全小天地测试某src时发现一个界面，域名为xxxa.xxx.com,是一个登录界面，发现该界面支持使用手机号登录以及注册功能，测试后发现该网站使用的短信验证码为123456 因此用脚趾头都能想出来的...

漏洞标题 CVE-2022-35405: Zoho ManageEngine - Remote Code Execution 漏洞描述 Zoho ManageEngine Password Manager Pro, PAM 360, and Access Manager Plus are susceptible to unauthentica...