漏洞标题 CVE-2021-44228: Apache Log4j2 Remote Code Injection 漏洞描述 Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect aga...

漏洞标题 CVE-2021-42670: Engineers Online Portal 1.0 容易受到三种类型的SQL注入攻击 漏洞描述 Engineers Online Portal 1.0 应用程序中的 id 参数my_classmates.php似乎容易受到三种类型的 ...

漏洞标题 CVE-2017-5645: Apache Log4j Server - Deserialization Command Execution 漏洞描述 In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to ...

漏洞标题 CVE-2020-35848: Agentejo Cockpit <0.12.0 - NoSQL Injection 漏洞描述 Agentejo Cockpit prior to 0.12.0 is vulnerable to NoSQL Injection via the newpassword method of the ...

漏洞标题 CVE-2021-25118: Yoast SEO 16.7-17.2 - Information Disclosure 漏洞描述 Yoast SEO plugin 16.7 to 17.2 is susceptible to information disclosure, The plugin discloses the full...

漏洞标题 CVE-2019-25152: Abandoned Cart Lite for WooCommerce < 5.2.0 - Cross-Site Scripting 漏洞描述 The Abandoned Cart Lite for WooCommerce and Abandoned Cart Pro for WooCommer...

漏洞标题 CVE-2024-7029: AVTECH IP Camera - Command Injection 漏洞描述 The endpoint `/cgi-bin/supervisor/Factory.cgi` is vulnerable to command injection via the `action` parameter, ...

漏洞标题 Apache Struts2(S2-062)远程代码执行漏洞(CVE-2021-31805) 漏洞描述 Apache Struts2框架是一个用于开发Java EE网络应用程序的Web框架。Apache Struts< 2.5.30存在OGNL表达式注入漏...

漏洞标题 CVE-2024-47073: DataEase v2.10.2 - JWT Signature Verification Bypass 漏洞描述 DataEase is an open source data visualization analysis tool that helps users quickly analyze ...

漏洞标题 CVE-2023-4173: mooSocial 3.1.8 - Reflected XSS 漏洞描述 A vulnerability, which was classified as problematic, was found in mooSocial mooStore 3.1.6. Affected is an unknown...

漏洞标题 CVE-2024-38653: Ivanti Avalanche SmartDeviceServer - XML External Entity 漏洞描述 XXE in SmartDeviceServer in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attack...

漏洞标题 CVE-2022-29006: Directory Management System 1.0 - SQL Injection 漏洞描述 Directory Management System 1.0 contains multiple SQL injection vulnerabilities via the username a...

漏洞标题 CVE-2021-22986: F5 BIG-IP iControl REST unauthenticated RCE 漏洞描述 On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before...

漏洞标题 CVE-2022-35413: WAPPLES Web Application Firewall <=6.0 - Hardcoded Credentials 漏洞描述 WAPPLES Web Application Firewall through 6.0 contains a hardcoded credentials vu...

漏洞标题 CVE-2021-3019: ffay lanproxy Directory Traversal 漏洞描述 ffay lanproxy 0.1 is susceptible to a directory traversal vulnerability that could let attackers read /../conf/co...

漏洞标题 CVE-2024-29973: Zyxel NAS326 Firmware < V5.21(AAZF.17)C0 - Command Injection 漏洞描述 The command injection vulnerability in the “setCookie” parameter in Zyxel NAS326...