漏洞标题 CVE-2024-5522: WordPress HTML5 Video Player < 2.5.27 - SQL Injection 漏洞描述 The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a param...

漏洞标题 CVE-2025-2776: SysAid On-Prem <= 23.3.40 - XML External Entity 漏洞描述 SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (...

漏洞标题 CVE-2021-31324: CentOS Web Panel - OS Command Injection 漏洞描述 The unprivileged user portal part of CentOS Web Panel is affected by a Command Injection vulnerability lea...

漏洞标题 CVE-2017-5521: Bypassing Authentication on NETGEAR Routers 漏洞描述 NETGEAR routers before 6.0.10 allow remote attackers to bypass authentication and gain access to the ro...

漏洞标题 CVE-2020-9496: Apache OFBiz 17.12.03 - Cross-Site Scripting 漏洞描述 Apache OFBiz 17.12.03 contains cross-site scripting and unsafe deserialization vulnerabilities via an ...

漏洞标题 CVE-2022-0140: WordPress Visual Form Builder <3.0.8 - Information Disclosure 漏洞描述 WordPress Visual Form Builder plugin before 3.0.8 contains a information disclosur...

漏洞标题 CVE-2024-36991: Splunk Enterprise - Local File Inclusion 漏洞描述 In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could perform a path...

漏洞标题 CVE-2019-25213: WordPress Advanced Access Manager - Path Traversal 漏洞描述 The Advanced Access Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary Fil...

漏洞标题 CVE-2017-17451: WordPress Mailster <=1.5.4 - Cross-Site Scripting 漏洞描述 WordPress Mailster 1.5.4 and before contains a cross-site scripting vulnerability in the unsu...

漏洞标题 CVE-2021-24762: WordPress Perfect Survey <1.5.2 - SQL Injection 漏洞描述 Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET p...

漏洞标题 CVE-2020-0618: Microsoft SQL Server Reporting Services - Remote Code Execution 漏洞描述 Microsoft SQL Server Reporting Services is vulnerable to a remote code execution vu...

漏洞标题 CVE-2024-9264: Grafana Post-Auth DuckDB - SQL Injection To File Read 漏洞描述 The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` que...

漏洞标题 CVE-2022-1910: WordPress Shortcodes and Extra Features for Phlox <2.9.8 - Cross-Site Scripting 漏洞描述 WordPress Shortcodes and extra features plugin for the Phlox the...

漏洞标题 CVE-2023-47211: ManageEngine OpManager - Directory Traversal 漏洞描述 A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 1...

漏洞标题 CVE-2023-5222: Viessmann Vitogate 300 - Hardcoded Password 漏洞描述 A critical vulnerability in Viessmann Vitogate 300 up to 2.1.3.0 allows attackers to authenticate using...

漏洞标题 CVE-2021-40539: Zoho ManageEngine ADSelfService Plus v6113 - Unauthenticated Remote Command Execution 漏洞描述 Zoho ManageEngine ADSelfService Plus version 6113 and prior ...