漏洞标题 CVE-2025-27112: Navidrome <=0.54.5 - Authentication Bypass in Subsonic API 漏洞描述 Navidrome is an open source web-based music collection server and streamer. Starting...

漏洞标题 CVE-2024-45622: ASIS - SQL Injection Authentication Bypass 漏洞描述 ASIS (aka Aplikasi Sistem Sekolah using CodeIgniter 3) 3.0.0 through 3.2.0 allows index.php username SQ...

漏洞标题 CVE-2025-5961: WordPress WPvivid Backup & Migration Plugin <= 0.9.116 - Authenticated Arbitrary File Upload 漏洞描述 The Migration, Backup, Staging – WPvivid Backu...

漏洞标题 Apache OFBiz CVE-2024-38856 未授权代码执行漏洞 漏洞描述 Apache OFBiz存在未授权代码执行漏洞，该漏洞是由于ProgramExport接口对用户的权限校验不当导致的。 PoC代码 暂无

漏洞标题 CVE-2017-18598: WordPress Qards - Cross-Site Scripting 漏洞描述 WordPress Qards through 2017-10-11 contains a cross-site scripting vulnerability via a remote document spec...

漏洞标题 CVE-2018-0127: Cisco RV132W/RV134W Router - Information Disclosure 漏洞描述 Cisco RV132W ADSL2+ Wireless-N VPN Routers and Cisco RV134W VDSL2 Wireless-AC VPN Routers could...

漏洞标题 CVE-2024-37728: OfficeWeb365 Indexs Interface - Arbitrary File Read 漏洞描述 There is any file reading in the officeWeb365 Indexs interface. PoC代码

漏洞标题 CVE-2023-43472: MLFlow < 2.8.1 - Sensitive Information Disclosure 漏洞描述 An issue in MLFlow versions 2.8.1 and before allows a remote attacker to obtain sensitive inf...

漏洞标题 CVE-2023-0037: WordPress 10Web Map Builder < 1.0.73 - Unauthenticated SQL Injection 漏洞描述 The 10Web Map Builder for Google Maps WordPress plugin before 1.0.73 does n...

漏洞标题 CVE-2018-17082: Apache2 - Transfer-Encoding Chunked XSS 漏洞描述 Apache2 PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 contain a ref...

漏洞标题 (CVE-2025-9242) WatchGuard Fireware OS 未授权远程代码执行漏洞 漏洞描述 (CVE-2025-9242) WatchGuard Fireware OS 未授权远程代码执行漏洞 PoC代码 暂无

漏洞标题 CVE-2022-44877: Centos Web Panel 7 Unauthenticated Remote Code 漏洞描述 Shodan: http.title:"Login | Control WebPanel" fofa: app="CWP-虚拟主机控制面板" ...

漏洞标题 CVE-2017-17059: WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting 漏洞描述 WordPress amty-thumb-recent-post plugin 8.1.3 contains a cross-site scripting vulnerability...

漏洞标题 CVE-2024-8517: SPIP BigUp Plugin - Remote Code Execution 漏洞描述 SPIP before 4.3.2, 4.2.16, and 4.1.18 is vulnerable to a command injection issue. A remote and unauthenti...

漏洞标题 CVE-2021-41691: openSIS Student Information System 8.0 SQL Injection 漏洞描述 openSIS Student Information System version 8.0 is susceptible to SQL injection via the studen...

漏洞标题 CVE-2022-2544: WordPress Ninja Job Board < 1.3.3 - Direct Request 漏洞描述 WordPress Ninja Job Board plugin prior to 1.3.3 is susceptible to a direct request vulnerabil...