漏洞标题 CVE-2020-13700: WordPress acf-to-rest-api <=3.1.0 - Insecure Direct Object Reference 漏洞描述 WordPress acf-to-rest-ap through 3.1.0 allows an insecure direct object re...

漏洞标题 CVE-2020-11529: Grav < 1.7 - Open Redirect 漏洞描述 Grav before 1.7 has an open redirect vulnerability via common/Grav.php. This is partially fixed in 1.6.23 and still ...

漏洞标题 CVE-2020-0618: Microsoft SQL Server Reporting Services - Remote Code Execution 漏洞描述 Microsoft SQL Server Reporting Services is vulnerable to a remote code execution vu...

漏洞标题 (CVE-2020-5410) Spring Cloud Config 目录遍历漏洞 漏洞描述 (CVE-2020-5410) Spring Cloud Config 目录遍历漏洞 PoC代码 暂无

漏洞标题 CVE-2020-24312: WordPress Plugin File Manager (wp-file-manager) Backup Disclosure 漏洞描述 mndpsingh287 WP File Manager v6.4 and lower fails to restrict external access to...

漏洞标题 CVE-2020-26248: PrestaShop Product Comments <4.2.0 - SQL Injection 漏洞描述 PrestaShop Product Comments module before version 4.2.1 contains a SQL injection vulnerabili...

漏洞标题 CVE-2020-35848: Agentejo Cockpit <0.12.0 - NoSQL Injection 漏洞描述 Agentejo Cockpit prior to 0.12.0 is vulnerable to NoSQL Injection via the newpassword method of the ...

漏洞标题 CVE-2020-13483: Bitrix24 <=20.0.0 - Cross-Site Scripting 漏洞描述 The Web Application Firewall in Bitrix24 up to and including 20.0.0 allows XSS via the items[ITEMS][ID...

漏洞标题 CVE-2020-8982: Citrix ShareFile StorageZones <=5.10.x - Arbitrary File Read 漏洞描述 Citrix ShareFile StorageZones (aka storage zones) Controller versions through at le...

漏洞标题 CVE-2020-5410: Spring Cloud Config Server - Local File Inclusion 漏洞描述 Spring Cloud Config Server versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and olde...

漏洞标题 CVE-2020-35713: Belkin Linksys RE6500 <1.0.012.001 - Remote Command Execution 漏洞描述 Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execut...

漏洞标题 CVE-2020-25078: D-Link DCS-2530L/DCS-2670L - Administrator Password Disclosure 漏洞描述 D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices are vulne...

漏洞标题 CVE-2020-1943: Apache OFBiz <=16.11.07 - Cross-Site Scripting 漏洞描述 Apache OFBiz 16.11.01 to 16.11.07 is vulnerable to cross-site scripting because data sent with co...

漏洞标题 CVE-2020-2551: Oracle WebLogic Server - Remote Code Execution 漏洞描述 Oracle WebLogic Server (Oracle Fusion Middleware (component: WLS Core Components) is susceptible to ...

漏洞标题 CVE-2020-17463: Fuel CMS 1.4.7 - SQL Injection 漏洞描述 FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items...

漏洞标题 CVE-2020-14181: Jira Server and Data Center - Information Disclosure 漏洞描述 Jira Server and Data Center is susceptible to information disclosure. An attacker can enumera...