漏洞标题 CVE-2025-46822: Java-springboot-codebase 1.1 - Arbitrary File Read 漏洞描述 OsamaTaher/Java-springboot-codebase is a collection of Java and Spring Boot code snippets, appl...

本文转载于公众号：融云攻防实验室，原文地址： 漏洞复现 TerraMaster TOS exportUser.php 远程命令执行 TerramasterTOS是中国深圳市图美电子技术（Terramaster）公司的一款基于Linux平台的，专...

漏洞标题 CVE-2019-14789: Custom 404 Pro < 3.2.8 - Cross-Site Scripting 漏洞描述 Custom 404 Pro before 3.2.9 is susceptible to cross-site scripting via the title parameter due to...

漏洞标题 CVE-2021-26599: ImpressCMS < 1.4.3 - SQL Injection 漏洞描述 ImpressCMS before 1.4.3 is vulnerable to SQL injection via the groups parameter in include/findusers.php, al...

漏洞标题 CVE-2024-10486: Google for WooCommerce <= 2.8.6 - Information Disclosure via Publicly Accessible PHP Info File 漏洞描述 The Google for WooCommerce plugin for WordPress ...

漏洞标题 CVE-2021-34621: WordPress ProfilePress 3.0.0-3.1.3 - Admin User Creation Weakness 漏洞描述 ProfilePress WordPress plugin is susceptible to a vulnerability in the user regi...

漏洞标题 Ametys CMS CVE-2022-26159信息泄露漏洞 漏洞描述 Ametys CMS 存在信息泄露漏洞，此漏洞是缺乏校验导致的。 PoC代码 暂无

漏洞标题 CVE-2021-24681: Duplicate Page WordPress - Stored Cross-Site Scripting 漏洞描述 Duplicate Page WordPress plugin <= 4.4.2 contains a stored cross-site scripting caused b...

漏洞标题 CVE-2024-36401: GeoServer RCE in Evaluating Property Name Expressions 漏洞描述 In the GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer, multiple OGC reque...

漏洞标题 CVE-2022-43769: Hitachi Pentaho Business Analytics Server - Remote Code Execution 漏洞描述 Hitachi Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2,...

漏洞标题 CVE-2024-6646: Netgear-WN604 downloadFile.php - Information Disclosure 漏洞描述 There is an information leakage vulnerability in the downloadFile.php interface of Netgear ...

漏洞标题 CVE-2022-0594: WordPress Shareaholic <9.7.6 - Information Disclosure 漏洞描述 WordPress Shareaholic plugin prior to 9.7.6 is susceptible to information disclosure. The ...

漏洞标题 CVE-2020-13851: Artica Pandora FMS 7.44 - Remote Code Execution 漏洞描述 Artica Pandora FMS 7.44 allows remote command execution via the events feature. PoC代码

漏洞标题 CVE-2012-6499: WordPress Plugin Age Verification v0.4 - Open Redirect 漏洞描述 Open redirect vulnerability in age-verification.php in the Age Verification plugin 0.4 and e...

漏洞标题 CVE-2017-9841: PHPUnit - Remote Code Execution 漏洞描述 PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data...

漏洞标题 CVE-2023-43187: NodeBB XML-RPC Request xmlrpc.php - XML Injection 漏洞描述 A remote code execution (RCE) vulnerability in the xmlrpc.php endpoint of NodeBB Inc NodeBB foru...