漏洞标题 CVE-2021-24970: WordPress All-In-One Video Gallery <2.5.0 - Local File Inclusion 漏洞描述 WordPress All-in-One Video Gallery plugin before 2.5.0 is susceptible to local...

漏洞标题 CVE-2021-20792: WordPress Quiz and Survey Master <7.1.14 - Cross-Site Scripting 漏洞描述 WordPress Quiz and Survey Master plugin prior to 7.1.14 contains a cross-site s...

漏洞标题 CVE-2021-26294: AfterLogic Aurora and WebMail Pro < 7.7.9 - Information Disclosure 漏洞描述 AfterLogic Aurora and WebMail Pro products with 7.7.9 and all lower versions...

漏洞标题 CVE-2021-23241: MERCUSYS Mercury X18G 1.0.5 Router - Local File Inclusion 漏洞描述 MERCUSYS Mercury X18G 1.0.5 devices are vulnerable to local file inclusion via ../ in co...

漏洞标题 CVE-2021-21315: Node.JS System Information Library <5.3.1 - Remote Command Injection 漏洞描述 Node.JS System Information Library System before version 5.3.1 is suscepti...

漏洞标题 CVE-2021-43778: GLPI plugin Barcode < 2.6.1 - Path Traversal Vulnerability. 漏洞描述 Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances version...

漏洞标题 CVE-2021-32789: WooCommerce Blocks 2.5 to 5.5 - Unauthenticated SQL Injection 漏洞描述 woocommerce-gutenberg-products-block is a feature plugin for WooCommerce Gutenberg B...

漏洞标题 CVE-2021-25298: Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection 漏洞描述 Nagios XI 5.5.6 through 5.7.5 is susceptible to authenticated remote command inject...

漏洞标题 CVE-2021-40272: IRTS OP5 Monitor - Cross-Site Scripting 漏洞描述 OP5 Monitor 8.3.1, 8.3.2, and OP5 8.3.3 are vulnerable to Cross Site Scripting (XSS). PoC代码

近日，西部数据（全球知名数据存储厂商）宣布将结束对前几代My Cloud OS的支持。如果用户的设备与My Cloud OS 5不兼容，将失去远程访问权限，并且旧版本设备不再能得到安全修复或技术支持。若用...

漏洞标题 CVE-2021-34640: WordPress Securimage-WP-Fixed <=3.5.4 - Cross-Site Scripting 漏洞描述 WordPress Securimage-WP-Fixed plugin 3.5.4 and prior contains a cross-site scripti...

漏洞标题 CVE-2021-45811: osTicket 1.15.x - SQL Injection 漏洞描述 A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket ...

漏洞标题 CVE-2021-24917: WordPress WPS Hide Login <1.9.1 - Information Disclosure 漏洞描述 WordPress WPS Hide Login plugin before 1.9.1 is susceptible to incorrect authorization...

漏洞标题 CVE-2021-44529: Ivanti EPM Cloud Services Appliance Code Injection 漏洞描述 Ivanti EPM Cloud Services Appliance (CSA) before version 4.6.0-512 is susceptible to a code inj...

漏洞标题 CVE-2021-25003: WordPress WPCargo Track & Trace <6.9.0 - Remote Code Execution 漏洞描述 WordPress WPCargo Track & Trace plugin before 6.9.0 is susceptible to re...

漏洞标题 CVE-2021-24838: WordPress AnyComment <0.3.5 - Open Redirect 漏洞描述 WordPress AnyComment plugin before 0.3.5 contains an open redirect vulnerability via an API endpoin...