漏洞标题 BackupBuddy 存在本地文件包含漏洞（CVE-2022-31474） 漏洞描述 BackupBuddy 是WordPress一款备份迁移插件。BackupBuddy 8.5.8.0 - 8.7.4.1版本存在本地文件包含漏洞，攻击者可以利用...

漏洞标题 CVE-2024-0204: Fortra GoAnywhere MFT - Authentication Bypass 漏洞描述 Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to c...

漏洞标题 CVE-2010-4231: Camtron CMNC-200 IP Camera - Directory Traversal 漏洞描述 The CMNC-200 IP Camera has a built-in web server that is vulnerable to directory transversal attac...

漏洞标题 CVE-2017-3881: Cisco IOS 12.2(55)SE11 - Remote Code Execution 漏洞描述 A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisc...

漏洞标题 CVE-2017-3528: Oracle E-Business Suite 12.1.3/12.2.x - Open Redirect 漏洞描述 The Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: Popup w...

漏洞标题 CVE-2018-14933: NUUO NVRmini - Remote Command Execution 漏洞描述 NUUO NVRmini is vulnerable to unauthenticated remote command execution through the upgrade_handle.php file...

漏洞标题 CVE-2020-22165: PHPGurukul Hospital Management System 4.0 - SQL Injection 漏洞描述 PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \...

漏洞标题 CVE-2024-13161: Ivanti EPM - Credential Coercion Vulnerability in GetHashForSingleFile 漏洞描述 A vulnerability in Ivanti Endpoint Manager (EPM) allows an unauthenticated ...

漏洞标题 CVE-2021-24212: WooCommerce Help Scout - Arbitrary File Upload 漏洞描述 WooCommerce Help Scout plugin before version 2.9.1 contains an unrestricted file upload vulnerabili...

漏洞标题 CVE-2024-3656: Keycloak < 24.0.5 - Broken Access Control 漏洞描述 A flaw was found in Keycloak. Certain endpoints in Keycloak's admin REST API allow low-privilege ...

前言 最近在公司同事群里，看到了一个很皮的朋友，打开微信运动，最上面的居然是他的这条奇葩的广告“视觉前线，财富盛地，在这里，您将受到万千关注！” 然后，我就琢磨了一下，今天给大家带来...

漏洞标题 CVE-2021-25161: Aruba Instant Access Point (IAP) - Cross-Site Scripting 漏洞描述 A remote cross-site scripting (xss) vulnerability was discovered in some Aruba Instant Acc...

漏洞标题 CVE-2023-0942: WordPress Japanized for WooCommerce <2.5.5 - Cross-Site Scripting 漏洞描述 WordPress Japanized for WooCommerce plugin before 2.5.5 is susceptible to cros...

漏洞标题 CVE-2022-29464: WSO2 Management - Arbitrary File Upload & Remote Code Execution 漏洞描述 Certain WSO2 products allow unrestricted file upload with resultant remote cod...

漏洞标题 CVE-2020-29597: IncomCMS 2.0 - Arbitrary File Upload 漏洞描述 IncomCMS 2.0 has a an insecure file upload vulnerability in modules/uploader/showcase/script.php. This allows...

漏洞标题 CVE-2021-24169: WordPress Advanced Order Export For WooCommerce <3.1.8 - Authenticated Cross-Site Scripting 漏洞描述 WordPress Advanced Order Export For WooCommerce plu...