漏洞标题 CVE-2024-22927: eyoucms v.1.6.5 - Cross-Site Scripting 漏洞描述 Cross Site Scripting (XSS) vulnerability in the func parameter in eyoucms v.1.6.5 allows a remote attacker ...

漏洞标题 Confluence viewdefaultdecorator.action-任意文件读取(CVE-2015-8399) 漏洞描述 【漏洞对象】Atlassian Confluence 【涉及版本】<5.8.17 【漏洞描述】该漏洞源于spaces/viewdefaul...

漏洞标题 BackupBuddy 存在本地文件包含漏洞（CVE-2022-31474） 漏洞描述 BackupBuddy 是WordPress一款备份迁移插件。BackupBuddy 8.5.8.0 - 8.7.4.1版本存在本地文件包含漏洞，攻击者可以利用...

漏洞标题 CVE-2019-7276: Optergy Proton/Enterprise - Unauthenticated RCE via Backdoor Console 漏洞描述 Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backd...

漏洞标题 CVE-2019-19825: TOTOLINK/Realtek Routers - CAPTCHA Bypass 漏洞描述 On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via a POST request to t...

漏洞标题 CVE-2022-44877: Centos Web Panel 7 Unauthenticated Remote Code 漏洞描述 Shodan: http.title:"Login | Control WebPanel" fofa: app="CWP-虚拟主机控制面板" ...

漏洞标题 CVE-2021-25114: WordPress Paid Memberships Pro <2.6.7 - Blind SQL Injection 漏洞描述 WordPress Paid Memberships Pro plugin before 2.6.7 is susceptible to blind SQL inje...

漏洞标题 Apache Struts2-输入验证漏洞(S2-057)(CVE-2018-11776) 漏洞描述 【漏洞对象】Apache Struts 2 【涉及版本】2.3-2.3.34，2.5-2.5.16 【漏洞描述】软件存在输入验证漏洞，远程攻击者可...

漏洞标题 CVE-2016-3081: Apache S2-032 Struts - Remote Code Execution 漏洞描述 Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when dynamic method invoca...

漏洞标题 CVE-2024-2782: WordPress FluentForms <= 5.1.16 - Broken Access Control 漏洞描述 The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Bu...

漏洞标题 CVE-2022-1390: WordPress Admin Word Count Column 2.2 - Local File Inclusion 漏洞描述 The plugin does not validate the path parameter given to readfile(), which could allow...

漏洞标题 CVE-2023-6875: WordPress POST SMTP Mailer <= 2.8.7 - Authorization Bypass 漏洞描述 The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP ...

漏洞标题 CVE-2021-44228: Apache Log4j2 Remote Code Injection 漏洞描述 Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect aga...

漏洞标题 CVE-2022-24990: TerraMaster TOS < 4.2.30 Server Information Disclosure 漏洞描述 TerraMaster NAS devices running TOS prior to version 4.2.30 are vulnerable to informatio...

漏洞标题 CVE-2021-24435: WordPress Titan Framework plugin <= 1.12.1 - Cross-Site Scripting 漏洞描述 The iframe-font-preview.php file of the titan-framework does not properly esc...

漏洞标题 CVE-2024-13322: Ads Pro Plugin <= 4.88 - Unauthenticated SQL Injection 漏洞描述 The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is...