漏洞标题 CVE-2022-24627: AudioCodes Device Manager Express - SQL Injection 漏洞描述 An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is an u...

漏洞标题 CVE-2021-38154: Canon Devices - Authentication Bypass in Catwalk Server 漏洞描述 Certain Canon devices manufactured in 2012 through 2020 (such as imageRUNNER ADVANCE iR-AD...

漏洞标题 CVE-2024-22927: eyoucms v.1.6.5 - Cross-Site Scripting 漏洞描述 Cross Site Scripting (XSS) vulnerability in the func parameter in eyoucms v.1.6.5 allows a remote attacker ...

漏洞标题 CVE-2024-8859: Mlflow < 2.17.0 - Local File Inclusion 漏洞描述 Mlflow before 2.17.0 is susceptible to local file inclusion due to path traversal in GitHub repository ml...

漏洞标题 CVE-2022-1020: WordPress WooCommerce <3.1.2 - Arbitrary Function Call 漏洞描述 WordPress WooCommerce plugin before 3.1.2 does not have authorisation and CSRF checks in ...

漏洞标题 CVE-2023-20073: Cisco VPN Routers - Unauthenticated Arbitrary File Upload 漏洞描述 A vulnerability in the web-based management interface of Cisco RV340, RV340W, RV345, and...

漏洞标题 CVE-2021-40651: OS4Ed OpenSIS Community 8.0 - Local File Inclusion 漏洞描述 OS4Ed OpenSIS Community 8.0 is vulnerable to a local file inclusion vulnerability in Modules.ph...

漏洞标题 CVE-2021-24997: WordPress Guppy <=1.1 - Information Disclosure 漏洞描述 WordPress Guppy plugin through 1.1 is susceptible to an API disclosure vulnerability. This can a...

漏洞标题 CVE-2016-1000133: WordPress forget-about-shortcode-buttons 1.1.1 - Cross-Site Scripting 漏洞描述 Wordpress plugin forget-about-shortcode-buttons 1.1.1 contains a reflected...

漏洞标题 CVE-2024-8517: SPIP BigUp Plugin - Remote Code Execution 漏洞描述 SPIP before 4.3.2, 4.2.16, and 4.1.18 is vulnerable to a command injection issue. A remote and unauthenti...

漏洞标题 CVE-2023-4521: Import XML and RSS Feeds < 2.1.5 - Unauthenticated RCE 漏洞描述 The Import XML and RSS Feeds WordPress plugin before 2.1.5 allows unauthenticated attacke...

漏洞标题 CVE-2021-31755: Tenda Router AC11 - Remote Command Injection 漏洞描述 Tenda Router AC11 is susceptible to remote command injection vulnerabilities in the web-based managem...

漏洞标题 CVE-2022-1952: WordPress eaSYNC Booking <1.1.16 - Arbitrary File Upload 漏洞描述 WordPress eaSync Booking plugin bundle for hotel, restaurant and car rental before 1.1....

漏洞标题 CVE-2022-1390: WordPress Admin Word Count Column 2.2 - Local File Inclusion 漏洞描述 The plugin does not validate the path parameter given to readfile(), which could allow...

漏洞标题 CVE-2022-35914: GLPI <=10.0.2 - Remote Command Execution 漏洞描述 GLPI through 10.0.2 is susceptible to remote command execution injection in /vendor/htmlawed/htmlawed/...

漏洞标题 CVE-2024-21645: pyload - Log Injection 漏洞描述 A log injection vulnerability was identified in pyload. This vulnerability allows any unauthenticated actor to inject arbit...