漏洞标题 CVE-2016-1000139: WordPress Infusionsoft Gravity Forms <=1.5.11 - Cross-Site Scripting 漏洞描述 WordPress plugin Infusionsoft 1.5.11 and before contains a reflected cro...

漏洞标题 CVE-2020-22210: 74cms - ajax_officebuilding.php SQL Injection 漏洞描述 A SQL injection vulnerability exists in 74cms 3.2.0 via the x parameter to ajax_officebuilding.php. ...

漏洞标题 CVE-2010-4769: Joomla! Component Jimtawl 1.0.2 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the Jimtawl (com_jimtawl) component 1.0.2 Joomla! all...

漏洞标题 CVE-2016-1000152: WordPress Tidio-form <=1.0 - Cross-Site Scripting 漏洞描述 WordPress tidio-form1.0 contains a reflected cross-site scripting vulnerability which allow...

漏洞标题 CVE-2019-19823: TOTOLINK/Realtek Routers - Information Disclosure 漏洞描述 A certain router administration interface using Realtek APMIB (e.g., on TOTOLINK models) allows ...

漏洞标题 CVE-2024-52433: My Geo Posts Free <= 1.2 - PHP Object Injection 漏洞描述 The My Geo Posts Free plugin for WordPress is vulnerable to PHP Object Injection in versions up...

漏洞标题 CVE-2018-10823: D-Link Routers - Remote Command Injection 漏洞描述 D-Link DWR-116 through 1.06, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 t...

漏洞标题 CVE-2007-4556: OpenSymphony XWork/Apache Struts2 - Remote Code Execution S2-001 漏洞描述 Apache Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as...

漏洞标题 CVE-2020-11798: Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal 漏洞描述 A Directory Traversal vulnerability in the web conference component of Mitel MiCollab A...

漏洞标题 CVE-2025-2747: Kentico Xperience 13 CMS - Staging Service Authentication Bypass (WT-2025-0006) 漏洞描述 An authentication bypass vulnerability in Kentico Xperience allows ...

漏洞标题 CVE-2018-19137: DomainMOD 4.11.01 - Cross-Site Scripting 漏洞描述 DomainMOD 4.11.01 is vulnerable to reflected cross-site Scripting via assets/edit/ip-address.php. PoC代码

漏洞标题 CVE-2018-11784: Apache Tomcat - Open Redirect 漏洞描述 Apache Tomcat versions prior to 9.0.12, 8.5.34, and 7.0.91 are prone to an open-redirection vulnerability because it...

漏洞标题 CVE-2022-48323: Sunflower Simple and Personal 1.0.1.43315 - Remote Code Execution 漏洞描述 Sunlogin Sunflower Simplified (aka Sunflower Simple and Personal) 1.0.1.43315 is...

漏洞报告 垂直越权900$ http://hackerone.com/reports/1102652 bucket信息泄露500$ http://hackerone.com/reports/1102546 TikTok XSS 6000$ http://hackerone.com/reports/1452375 挖洞技巧 如...

漏洞标题 CVE-2022-47945: Thinkphp Lang - Local File Inclusion 漏洞描述 ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack fe...

漏洞标题 CVE-2022-4328: WooCommerce Checkout Field Manager < 18.0 - Arbitrary File Upload 漏洞描述 The WooCommerce Checkout Field Manager WordPress plugin before 18.0 does not v...