漏洞标题 CVE-2021-44228: Apache Log4j2 Remote Code Injection 漏洞描述 Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect aga...

漏洞标题 CVE-2021-39411: Hospital Management System 1.0 - Cross-Site Scripting 漏洞描述 Hospital Management System 1.0 contains a cross-site scripting vulnerability via the searchd...

漏洞标题 CVE-2023-37645: EyouCms v1.6.3 - Information Disclosure 漏洞描述 EyouCms v1.6.3 was discovered to contain an information disclosure vulnerability via the component /custom...

漏洞标题 CVE-2017-5638: Apache Struts 2 - Remote Command Execution S2-045 S2-046 漏洞描述 Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 is vulnerable to remote comm...

漏洞标题 CVE-2022-2379: WordPress Easy Student Results <=2.2.8 - Improper Authorization 漏洞描述 WordPress Easy Student Results plugin through 2.2.8 is susceptible to informatio...

漏洞标题 CVE-2024-3495: Wordpress Country State City Dropdown <=2.7.2 - SQL Injection 漏洞描述 The Country State City Dropdown CF7 plugin for WordPress is vulnerable to SQL Inje...

漏洞标题 CVE-2019-19823: TOTOLINK/Realtek Routers - Information Disclosure 漏洞描述 A certain router administration interface using Realtek APMIB (e.g., on TOTOLINK models) allows ...

漏洞标题 CVE-2025-60188: Atarim < 4.2.2 - Sensitive Information Exposure 漏洞描述 Vito Peleg Atarim <= 4.2 contains an insertion of sensitive information into sent data vulne...

漏洞标题 CVE-2020-3952: VMware vCenter Server LDAP Broken Access Control 漏洞描述 Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or e...

漏洞标题 CVE-2019-11869: WordPress Yuzo <5.12.94 - Cross-Site Scripting 漏洞描述 WordPress Yuzo Related Posts plugin before 5.12.94 is vulnerable to cross-site scripting because...

漏洞标题 CVE-2024-8503: VICIdial - SQL Injection 漏洞描述 An unauthenticated attacker can leverage a time-based SQL injection vulnerability in VICIdial to enumerate database record...

漏洞标题 CVE-2024-28397: pyload-ng js2py - Remote Code Execution 漏洞描述 An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitr...

漏洞标题 CVE-2021-24276: WordPress Supsystic Contact Form <1.7.15 - Cross-Site Scripting 漏洞描述 WordPress Supsystic Contact Form plugin before 1.7.15 contains a cross-site scr...

漏洞标题 CVE-2022-0599: WordPress Mapping Multiple URLs Redirect Same Page <=5.8 - Cross-Site Scripting 漏洞描述 WordPress Mapping Multiple URLs Redirect Same Page plugin 5.8 an...

漏洞标题 CVE-2023-1177: MLflow get-artifact 任意文件读取漏洞 漏洞描述 使用 MLflow 模型注册表托管 MLflow 开源项目的用户 mlflow server或者 mlflow ui使用早于 MLflow 2.2.1 的 MLflow 版...

漏洞标题 CVE-2021-35587: Oracle Access Manager - Remote Code Execution 漏洞描述 The Oracle Access Manager portion of Oracle Fusion Middleware (component: OpenSSO Agent) is vulnerab...