漏洞标题 CVE-2021-27670: Appspace 6.2.4 - Server-Side Request Forgery 漏洞描述 Appspace 6.2.4 allows SSRF via the api/v1/core/proxy/jsonprequest url parameter. PoC代码

漏洞标题 CVE-2021-22214: Gitlab CE/EE 10.5 - Server-Side Request Forgery 漏洞描述 GitLab CE/EE versions starting from 10.5 are susceptible to a server-side request forgery vulnerab...

漏洞标题 CVE-2021-42627: D-Link DIR-615 - Unauthorized Access 漏洞描述 D-Link DIR-615 devices with firmware 20.06 are susceptible to unauthorized access. An attacker can access the...

漏洞标题 CVE-2021-24235: WordPress Goto Tour & Travel Theme <2.0 - Cross-Site Scripting 漏洞描述 WordPress Goto Tour & Travel theme before 2.0 contains an unauthenticate...

漏洞标题 CVE-2021-30049: SysAid Technologies 20.3.64 b14 - Cross-Site Scripting 漏洞描述 SysAid 20.3.64 b14 contains a cross-site scripting vulnerability via the /KeepAlive.jsp?sta...

漏洞标题 CVE-2021-3654: Nova noVNC - Open Redirect 漏洞描述 Nova noVNC contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obt...

漏洞标题 Apache Solr <= 8.8.1 SSRF(CVE-2021-27905) 漏洞描述 Apache Solr中的ReplicationHandler（通常注册在Solrcore下的“/replication”）有一个“masterUrl”（也称为“leaderUrl”别...

漏洞标题 CVE-2021-25075: WordPress Duplicate Page or Post <1.5.1 - Cross-Site Scripting 漏洞描述 WordPress Duplicate Page or Post plugin before 1.5.1 contains a stored cross-sit...

漏洞标题 CVE-2021-28918: Netmask NPM Package - Server-Side Request Forgery 漏洞描述 Netmask NPM Package is susceptible to server-side request forgery because of improper input vali...

漏洞标题 CVE-2021-43574: Atmail 6.5.0 - Cross-Site Scripting 漏洞描述 Atmail 6.5.0 contains a cross-site scripting vulnerability in WebAdmin Control Pane via the format parameter t...

漏洞标题 CVE-2021-24750: WordPress Visitor Statistics (Real Time Traffic) <4.8 -SQL Injection 漏洞描述 WordPress Visitor Statistics (Real Time Traffic) plugin before 4.8 does no...

漏洞标题 CVE-2021-24452: WordPress W3 Total Cache <2.1.5 - Cross-Site Scripting 漏洞描述 WordPress W3 Total Cache plugin before 2.1.5 is susceptible to cross-site scripting via ...

漏洞标题 CVE-2021-22005: VMware vCenter Server - Arbitrary File Upload 漏洞描述 VMware vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A ma...

漏洞标题 CVE-2021-24288: WordPress AcyMailing <7.5.0 - Open Redirect 漏洞描述 WordPress AcyMailing plugin before 7.5.0 contains an open redirect vulnerability due to improper sa...

漏洞标题 CVE-2021-32305: Websvn <2.6.1 - Remote Code Execution 漏洞描述 WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the...

漏洞标题 CVE-2021-44515: Zoho ManageEngine Desktop Central - Remote Code Execution 漏洞描述 Zoho ManageEngine Desktop Central contains an authentication bypass vulnerability that c...