漏洞标题 CVE-2024-57514: TP-Link Archer A20 v3 Router - Cross-site Scripting 漏洞描述 The TP-Link Archer A20 v3 router is vulnerable to Cross-site Scripting (XSS) due to improper h...

CheckIn题目分析 首先我们来看一下题目，首页就是一个简单的上传界面： 我们先上传一个php文件试一下，显然是illegal的 经过fuzz发现修改content-type和利用特殊扩展名php5、pht等都没有成功（...

漏洞标题 (CVE-2025-48828) vBulletin模板条件处理任意PHP代码执行漏洞 漏洞描述 (CVE-2025-48828) vBulletin模板条件处理任意PHP代码执行漏洞 PoC代码 暂无

漏洞标题 CVE-2023-0948: WordPress Japanized for WooCommerce <2.5.8 - Cross-Site Scripting 漏洞描述 WordPress Japanized for WooCommerce plugin before 2.5.8 is susceptible to cros...

漏洞标题 CVE-2025-2709: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting 漏洞描述 Yonyou UFIDA ERP-NC V5.0 is vulnerable to reflected cross-site scripting (XSS) via the key and redi...

漏洞标题 CVE-2022-2863: WordPress WPvivid Backup <0.9.76 - Local File Inclusion 漏洞描述 WordPress WPvivid Backup version 0.9.76 is vulnerable to local file inclusion because th...

漏洞标题 Ureport v2.1.7 CVE-2023-24189 XXE漏洞 漏洞描述 Ureport v2.1.7 CVE-2023-24189 XXE漏洞 日期: 2024-02-07 | 影响软件: Ureport v2.1.7 | PoC代码

漏洞标题 CVE-2023-5863: phpMyFAQ < 3.2.0 - Cross-site Scripting 漏洞描述 Cross-site Scripting (XSS) Reflected in GitHub repository thorsten/phpmyfaq prior to 3.2.2. PoC代码

漏洞标题 CVE-2010-1540: Joomla! Component com_blog - Directory Traversal 漏洞描述 A directory traversal vulnerability in index.php in the MyBlog (com_myblog) component 3.0.329 for ...

漏洞标题 CVE-2018-6910: DedeCMS 5.7 - Path Disclosure 漏洞描述 DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include/downmix.inc.php or inc...

/swagger/ /api/swagger/ /swagger/ui/ /api/swagger/ui/ /api/swagger-ui.html/ /swagger/ui/ /api/swagger/ui/ /api/swaggerui/ /swagger-resources/configuration/ui/ /libs/swaggerui/ /use...

漏洞标题 CVE-2018-6910: DedeCMS 5.7 - Path Disclosure 漏洞描述 DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include/downmix.inc.php or inc...

漏洞标题 CVE-2020-36510: WordPress 15Zine <3.3.0 - Cross-Site Scripting 漏洞描述 WordPress 15Zine before 3.3.0 is vulnerable to reflected cross-site scripting because the theme ...

漏洞标题 CVE-2007-0885: Jira Rainbow.Zen - Cross-Site Scripting 漏洞描述 Jira Rainbow.Zen contains a cross-site scripting vulnerability via Jira/secure/BrowseProject.jspa which all...

最近公司需要配置服务器，要求centos虚拟机可以yum install、docker拉互联网镜像，因此需要访问互联网。那么本文就介绍一下virtualbox centos7 nat+host-only方式联网踩坑总结，感兴趣的可以了...

漏洞标题 Citrix ShareFile 存在代码注入漏洞(CVE-2023-24489) 漏洞描述 Citrix旗下多款交付控制器和网关存在RCE漏洞，攻击者在无需身份验证的情况下就可执行任意命令。Citrix ShareFile存在代...