漏洞标题 CVE-2017-11586: FineCMS <5.0.9 - Open Redirect 漏洞描述 FineCMS 5.0.9 contains an open redirect vulnerability via the url parameter in a sync action. An attacker can re...

漏洞标题 CVE-2021-34622: WordPress ProfilePress <= 3.1.3 - Privilege Escalation 漏洞描述 ProfilePress plugin before 3.1.4 allows privilege escalation. Due to insufficient valida...

漏洞标题 CVE-2024-8181: Flowise <= 1.8.2 Authentication Bypass 漏洞描述 An Authentication Bypass vulnerability exists in Flowise version 1.8.2. This could allow a remote, unauth...

漏洞标题 CVE-2024-7593: Ivanti vTM - Authentication Bypass 漏洞描述 Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allow...

漏洞标题 CVE-2023-4113: PHPJabbers Service Booking Script 1.0 - Cross Site Scripting 漏洞描述 A vulnerability was found in PHP Jabbers Service Booking Script 1.0. It has been decla...

漏洞标题 CVE-2021-22053: Spring Cloud Netflix Hystrix Dashboard <2.2.10 - Remote Code Execution 漏洞描述 Spring Cloud Netflix Hystrix Dashboard prior to version 2.2.10 is suscep...

漏洞标题 CVE-2014-1843: Titan FTP Server < 10.40 - User Properties Traversal 漏洞描述 Titan FTP Server versions prior to 10.40 build 1829 contain a directory traversal vulnerabi...

漏洞标题 CVE-2024-4956: Sonatype Nexus Repository Manager 3 - Local File Inclusion 漏洞描述 Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read...

漏洞标题 CVE-2017-16894: Laravel .env 配置文件泄露 漏洞描述 Laravel Framework是Taylor Otwell软件开发者开发的一款基于PHP的Web应用程序开发框架。 Laravel framework 5.5.21及之前的版本...

漏洞标题 CVE-2022-39986: RaspAP 2.8.7 - Unauthenticated Command Injection 漏洞描述 A Command injection vulnerability in RaspAP 2.8.0 thru 2.8.7 allows unauthenticated attackers to ...

漏洞标题 CVE-2025-49029: WordPress Custom Login And Signup Widget Plugin <= 1.0 - Arbitrary Code Execution 漏洞描述 Improper Control of Generation of Code ('Code Injection&...

漏洞标题 CVE-2021-3654: Nova noVNC - Open Redirect 漏洞描述 Nova noVNC contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obt...

漏洞标题 CVE-2021-25299: Nagios XI 5.7.5 - Cross-Site Scripting 漏洞描述 Nagios XI 5.7.5 contains a cross-site scripting vulnerability in the file /usr/local/nagiosxi/html/admin/ss...

漏洞标题 CVE-2011-4624: GRAND FlAGallery 1.57 - Cross-Site Scripting 漏洞描述 A cross-site scripting (XSS) vulnerability in facebook.php in the GRAND FlAGallery plugin (flash-album...

漏洞标题 CVE-2021-22053: Spring Cloud Netflix Hystrix Dashboard <2.2.10 - Remote Code Execution 漏洞描述 Spring Cloud Netflix Hystrix Dashboard prior to version 2.2.10 is suscep...

漏洞标题 CVE-2023-48241: XWiki < 4.10.15 - Information Disclosure 漏洞描述 The Solr-based search suggestion provider that also duplicates as generic JavaScript API for search re...