漏洞标题 CVE-2025-2748: Kentico Xperience CMS - Unauthenticated Stored XSS 漏洞描述 The Kentico Xperience application does not fully validate or filter files uploaded via the multi...

漏洞标题 CVE-2025-34141: ETQ Reliance - Reflected XSS via SQLConverterServlet 漏洞描述 A reflected cross-site scripting (XSS) vulnerability exists in ETQ Reliance CG (legacy) platf...

漏洞标题 CVE-2025-6205: DELMIA Apriso - Broken Access Control 漏洞描述 DELMIA Apriso Release 2020 through Release 2025 contains a broken access control vulnerability caused by miss...

漏洞标题 CVE-2025-59474: Jenkins Sidepanel - Unauthorized Agent/Queue Exposure 漏洞描述 Jenkins 2.527 and earlier, LTS 2.516.2 and earlier does not perform a permission check in th...

漏洞标题 CVE-2025-34026: Versa Concerto Actuator Endpoint - Authentication Bypass 漏洞描述 An authentication bypass vulnerability affected the Spring Boot Actuator endpoints in Ver...

漏洞标题 CVE-2025-1974: CVE-2025-1974 漏洞描述 shodan: ssl:"ingress-nginx" port:8443 Kubernetes ingress-nginx是云原生计算基金会（Cloud Native Computing Foundation）开源...

漏洞标题 (CVE-2025-10210) ChanCMS Search功能SQL注入漏洞 漏洞描述 (CVE-2025-10210) ChanCMS Search功能SQL注入漏洞 PoC代码 暂无

漏洞标题 CVE-2025-34509: Sitecore Experience Manager (XM) and Experience Platform (XP) - Hardcoded Credentials 漏洞描述 Sitecore Experience Manager (XM) and Experience Platform (XP...

漏洞标题 Apache Tomcat 远程命令执行(CVE-2025-24813) 漏洞描述 Apache Tomcat 是一个开源的 Java Servlet 容器，广泛用于运行基于 Java 的 Web 应用程序。该漏洞（CVE-2025-24813）允许远程攻...

漏洞标题 CVE-2025-34032: Moodle LMS Jmol Plugin <= 6.1 - Cross-Site Scripting 漏洞描述 A reflected cross-site scripting (XSS) vulnerability exists in the Moodle LMS Jmol plugin ...

漏洞标题 CVE-2025-0133: PAN-OS - Reflected Cross-Site Scripting 漏洞描述 A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect™ gateway and portal features of ...

漏洞标题 CVE-2025-1661: HUSKY – Products Filter Professional for WooCommerce <= 1.3.6.5 - Unauthenticated Local File Inclusion 漏洞描述 The HUSKY – Products Filter Professiona...

漏洞标题 CVE-2025-53770: Microsoft SharePoint Server - Remote Code Execution (ToolShell) 漏洞描述 Deserialization of untrusted data in on-premises Microsoft SharePoint Server allow...

漏洞标题 CVE-2025-34027: Versa Concerto API Path Based - Authentication Bypass 漏洞描述 Authentication bypass in the Versa Concerto API, caused by URL decoding inconsistencies. It ...

漏洞标题 CVE-2025-44136: MapTiler Tileserver-php v2.0 - Unauthenticated XSS 漏洞描述 MapTiler Tileserver-php v2.0 contains a reflected XSS caused by unencoded reflection of the GET...

漏洞标题 CVE-2025-5701: HyperComments <= 1.2.2 - Arbitrary Options Update 漏洞描述 The HyperComments plugin for WordPress is vulnerable to unauthorized modification of data that...