漏洞标题 CVE-2021-39141: XStream 1.4.18 - Remote Code Execution 漏洞描述 XStream 1.4.18 is susceptible to remote code execution. An attacker can execute commands of the host by man...

漏洞标题 CVE-2021-24991: WooCommerce PDF Invoices & Packing Slips WordPress Plugin < 2.10.5 - Cross-Site Scripting 漏洞描述 The Wordpress plugin WooCommerce PDF Invoices &am...

漏洞标题 CVE-2021-21805: Advantech R-SeeNet 2.4.12 - OS Command Injection 漏洞描述 Advantech R-SeeNet 2.4.12 is susceptible to remote OS command execution via the ping.php script f...

漏洞标题 CVE-2021-29625: Adminer <=4.8.0 - Cross-Site Scripting 漏洞描述 Adminer 4.6.1 to 4.8.0 contains a cross-site scripting vulnerability which affects users of MySQL, Maria...

漏洞标题 CVE-2021-39312: WordPress True Ranker <2.2.4 - Local File Inclusion 漏洞描述 WordPress True Ranker before version 2.2.4 allows sensitive configuration files such as wp-...

漏洞标题 CVE-2021-24997: WordPress Guppy <=1.1 - Information Disclosure 漏洞描述 WordPress Guppy plugin through 1.1 is susceptible to an API disclosure vulnerability. This can a...

漏洞标题 CVE-2021-20038: SonicWall SMA100 Stack - Buffer Overflow/Remote Code Execution 漏洞描述 A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mo...

漏洞标题 CVE-2021-37538: PrestaShop SmartBlog <4.0.6 - SQL Injection 漏洞描述 PrestaShop SmartBlog by SmartDataSoft < 4.0.6 is vulnerable to a SQL injection vulnerability in ...

漏洞标题 CVE-2021-24657: Limit Login Attempts WordPress - Stored Cross-site Scripting 漏洞描述 Limit Login Attempts WordPress plugin < 4.0.50 contains a stored cross-site script...

漏洞标题 CVE-2021-22145: Elasticsearch 7.10.0-7.13.3 - Information Disclosure 漏洞描述 ElasticSsarch 7.10.0 to 7.13.3 is susceptible to information disclosure. A user with the abil...

漏洞标题 Apache APISIX Dashboard CVE-2021-45232 未授权访问漏洞 漏洞描述 Apache APISIX Dashboard存在未授权访问漏洞，此漏洞是缺乏校验导致的。 PoC代码 暂无

漏洞标题 CVE-2021-29156: LDAP Injection In OpenAM 漏洞描述 OpenAM contains an LDAP injection vulnerability. When a user tries to reset his password, they are asked to enter usernam...

漏洞标题 CVE-2021-45092: Thinfinity Iframe Injection 漏洞描述 A vulnerability exists in Thinfinity VirtualUI in a function located in /lab.html reachable which by default could all...

漏洞标题 CVE-2021-24335: WordPress Car Repair Services & Auto Mechanic Theme <4.0 - Cross-Site Scripting 漏洞描述 WordPress Car Repair Services & Auto Mechanic before 4....

漏洞标题 CVE-2021-44528: Open Redirect in Host Authorization Middleware 漏洞描述 Specially crafted "X-Forwarded-Host" headers in combination with certain "allowed ho...

漏洞标题 CVE-2021-24940: WordPress Persian Woocommerce <=5.8.0 - Cross-Site Scripting 漏洞描述 WordPress Persian Woocommerce plugin through 5.8.0 contains a cross-site scripting...