漏洞标题 CVE-2021-42565: myfactory FMS - Cross-Site Scripting 漏洞描述 myfactory.FMS before 7.1-912 allows cross-site scripting via the UID parameter. PoC代码

漏洞标题 CVE-2021-24145: WordPress Modern Events Calendar Lite <5.16.5 - Authenticated Arbitrary File Upload 漏洞描述 WordPress Modern Events Calendar Lite plugin before 5.16.5 ...

漏洞标题 CVE-2021-24169: WordPress Advanced Order Export For WooCommerce <3.1.8 - Authenticated Cross-Site Scripting 漏洞描述 WordPress Advanced Order Export For WooCommerce plu...

漏洞标题 CVE-2021-24286: WordPress Plugin Redirect 404 to Parent 1.3.0 - Cross-Site Scripting 漏洞描述 The settings page of the plugin did not properly sanitise the tab parameter b...

漏洞标题 CVE-2021-25074: WordPress WebP Converter for Media < 4.0.3 - Unauthenticated Open Redirect 漏洞描述 WordPress WebP Converter for Media < 4.0.3 contains a file (passt...

漏洞标题 CVE-2021-20114: TCExam <= 14.8.1 - Sensitive Information Exposure 漏洞描述 When installed following the default/recommended settings, TCExam <= 14.8.1 allowed unauth...

漏洞标题 CVE-2021-21881: Lantronix PremierWave 2050 8.9.0.0R4 - Remote Command Injection 漏洞描述 Lantronix PremierWave 2050 8.9.0.0R4 contains an OS command injection vulnerabilit...

漏洞标题 CVE-2021-42667: Online Event Booking and Reservation System 2.3.0 - SQL Injection 漏洞描述 Online Event Booking and Reservation System 2.3.0 contains a SQL injection vulne...

漏洞标题 CVE-2021-30047: vsftpd < 3.0.3 - DoS 漏洞描述 vsftpd before 3.0.3 allows remote attackers to cause a denial of service by sending a crafted FTP command. PoC代码

漏洞标题 CVE-2021-31589: BeyondTrust Secure Remote Access Base <=6.0.1 - Cross-Site Scripting 漏洞描述 BeyondTrust Secure Remote Access Base through 6.0.1 contains a cross-site ...

漏洞标题 CVE-2021-46104: webp_server_go 0.4.0 - Path Traversal 漏洞描述 webp_server_go 0.4.0 contains a path traversal caused by insufficient sanitization in file handling, letting...

漏洞标题 CVE-2021-21315: Node.JS System Information Library <5.3.1 - Remote Command Injection 漏洞描述 Node.JS System Information Library System before version 5.3.1 is suscepti...

漏洞标题 CVE-2021-24214: WordPress OpenID Connect Generic Client 3.8.0-3.8.1 - Cross-Site Scripting 漏洞描述 WordPress OpenID Connect Generic Client plugin 3.8.0 and 3.8.1 contains...

漏洞标题 CVE-2021-41460: ECShop 4.1.0 - SQL Injection 漏洞描述 ECShop 4.1.0 has SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information. Po...

漏洞标题 CVE-2021-29622: Prometheus - Open Redirect 漏洞描述 Prometheus 2.23.0 through 2.26.0 and 2.27.0 contains an open redirect vulnerability. To ensure a seamless transition to...

漏洞标题 CVE-2021-27909: Mautic <3.3.4 - Cross-Site Scripting 漏洞描述 Mautic before 3.3.4 contains a cross-site scripting vulnerability on the password reset page in the bundle...