漏洞标题 CVE-2020-35986: Rukovoditel <= 2.7.2 - Cross Site Scripting 漏洞描述 A stored cross site scripting (XSS) vulnerability in the 'Users Access Groups' feature of...

漏洞标题 CVE-2016-10940: WordPress zm-gallery plugin 1.0 SQL Injection 漏洞描述 zm-gallery plugin 1.0 for WordPress is susceptible to SQL injection via the order parameter. PoC代码

漏洞标题 Atlassian Confluence /json/setup-restore.action 文件上传漏洞（CVE-2023-22518） 漏洞描述 Atlassian Confluence是一款企业知识管理与协作软件。该漏洞存在于Atlassian Confluence...

漏洞标题 CVE-2022-33965: WordPress Visitor Statistics <=5.7 - SQL Injection 漏洞描述 WordPress Visitor Statistics plugin through 5.7 contains multiple unauthenticated SQL inject...

漏洞标题 CVE-2022-21587: Oracle E-Business Suite 12.2.3 -12.2.11 - Remote Code Execution 漏洞描述 Oracle E-Business Suite 12.2.3 through 12.2.11 is susceptible to remote code execu...

漏洞标题 CVE-2010-4617: Joomla! Component JotLoader 2.2.1 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the JotLoader (com_jotloader) component 2.2.1 for J...

漏洞标题 CVE-2024-4340: sqlparse - Denial of Service 漏洞描述 Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError. PoC代码

漏洞标题 CVE-2023-32315-2: Openfire身份认证绕过漏洞 漏洞描述 Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's administrative console, a web...

漏洞标题 CVE-2018-13379: Fortinet FortiOS - Credentials Disclosure 漏洞描述 Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8...

漏洞标题 CVE-2022-43015: OpenCATS 0.9.6 - Cross-Site Scripting 漏洞描述 OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the entriesPerPage parameter. An attacker c...

漏洞标题 CVE-2022-4140: WordPress Welcart e-Commerce <2.8.5 - Arbitrary File Access 漏洞描述 WordPress Welcart e-Commerce plugin before 2.8.5 is susceptible to arbitrary file ac...

漏洞标题 CVE-2022-0149: WooCommerce Stored Exporter WordPress Plugin < 2.7.1 - Cross-Site Scripting 漏洞描述 The plugin was affected by a reflected cross-site scripting vulnerab...

漏洞标题 CVE-2019-20141: WordPress Laborator Neon Theme 2.0 - Cross-Site Scripting 漏洞描述 WordPress Laborator Neon theme 2.0 contains a cross-site scripting vulnerability via the...

漏洞标题 CVE-2025-27218: Sitecore Experience Manager (XM)/Experience Platform (XP) 10.4 - Insecure Deserialization 漏洞描述 Sitecore Experience Manager (XM) and Experience Platform...

漏洞标题 Atlassian Confluence /json/setup-restore.action 文件上传漏洞（CVE-2023-22518） 漏洞描述 Atlassian Confluence是一款企业知识管理与协作软件。该漏洞存在于Atlassian Confluence...

漏洞标题 CVE-2025-51482: Letta Letta 0.7.12 - Remote Code Execution 漏洞描述 Letta 0.7.12 is vulnerable to remote code execution via POST /v1/tools/run in letta.server.rest_api.rou...