漏洞标题 CVE-2024-42009: Roundcube Webmail - Cross-Site Scripting 漏洞描述 A Cross-Site Scripting vulnerability in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote a...

漏洞标题 CVE-2022-45354: Download Monitor <= 4.7.60 - Sensitive Information Exposure 漏洞描述 The Download Monitor plugin for WordPress is vulnerable to Sensitive Information Ex...

漏洞标题 Atlassian Confluence OGNL注入漏洞(CVE-2022-26134) 漏洞描述 Atlassian Confluence OGNL注入漏洞(CVE-2022-26134) PoC代码 暂无

漏洞标题 Commvault /commandcenter/deployServiceCommcell.do 文件上传漏洞（CVE-2025-34028） 漏洞描述 Commvault是一款数据保护或网络弹性解决方案，为企业备份和复制套件。&nbsp;Commva...

漏洞标题 CVE-2020-35598: Advanced Comment System 1.0 - Local File Inclusion 漏洞描述 ACS Advanced Comment System 1.0 is affected by local file inclusion via an advanced_component_s...

漏洞标题 CVE-2021-37304: Jeecg Boot <= 2.4.5 - Information Disclosure 漏洞描述 An Insecure Permissions issue in jeecg-boot 2.4.5 allows unauthenticated remote attackers to gain ...

漏洞标题 CVE-2024-43160: BerqWP <= 1.7.6 - Arbitrary File Upload 漏洞描述 The BerqWP Automated All-In-One PageSpeed Optimization Plugin for Core Web Vitals, Cache, CDN, Images, ...

漏洞标题 CVE-2021-24278: WordPress Contact Form 7 <2.3.4 - Arbitrary Nonce Generation 漏洞描述 WordPress Contact Form 7 before version 2.3.4 allows unauthenticated users to use ...

漏洞标题 CVE-2019-18394: Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery 漏洞描述 Ignite Realtime Openfire through version 4.4.2 allows attackers to send arbitrar...

漏洞标题 CVE-2021-45027: Oliver 5 Library Server <8.00.008.053 - Local File Inclusion 漏洞描述 Oliver 5 Library Server versions prior to 8.00.008.053 are vulnerable to local fil...

漏洞标题 CVE-2012-2122: MySQL - Authentication Bypass 漏洞描述 sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x be...

漏洞标题 CVE-2019-17662: ThinVNC 1.0b1 - Authentication Bypass 漏洞描述 ThinVNC 1.0b1 is vulnerable to arbitrary file read, which leads to a compromise of the VNC server. The vulne...

漏洞标题 CVE-2022-43016: OpenCATS 0.9.6 - Cross-Site Scripting 漏洞描述 OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the callback component. An attacker can inj...

漏洞标题 CVE-2023-47253: Qualitor <= 8.20 - Remote Code Execution 漏洞描述 Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html/ad/ad...

漏洞报告 【Shopify 1,600 USD】Staff who only have apps and channels permission can do a takeover account at the wholesale store (Bypass get invitation link) http://hackerone.com/re...

漏洞标题 CVE-2022-33901: WordPress MultiSafepay for WooCommerce <=4.13.1 - Arbitrary File Read 漏洞描述 WordPress MultiSafepay for WooCommerce plugin through 4.13.1 contains an ...