漏洞标题 CVE-2021-39350: FV Flowplayer Video Player WordPress plugin - Authenticated Cross-Site Scripting 漏洞描述 The FV Flowplayer Video Player WordPress plugin is vulnerable to ...

漏洞标题 CVE-2025-46822: Java-springboot-codebase 1.1 - Arbitrary File Read 漏洞描述 OsamaTaher/Java-springboot-codebase is a collection of Java and Spring Boot code snippets, appl...

漏洞标题 CVE-2022-1916: WordPress Active Products Tables for WooCommerce <1.0.5 - Cross-Site Scripting 漏洞描述 WordPress Active Products Tables for WooCommerce plugin prior to ...

漏洞标题 CVE-2023-48777: WordPress Elementor 3.18.1 - File Upload/Remote Code Execution 漏洞描述 The plugin is vulnerable to Remote Code Execution via file upload via the template ...

漏洞标题 CVE-2022-35493: eShop 3.0.4 - Cross-Site Scripting 漏洞描述 eShop 3.0.4 contains a reflected cross-site scripting vulnerability in json search parse and json response in w...

漏洞标题 CVE-2024-28000: WordPress LiteSpeed Cache - Unauthenticated Privilege Escalation to Admin 漏洞描述 Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies L...

漏洞标题 CVE-2010-2034: Joomla! Component Percha Image Attach 1.1 - Directory Traversal 漏洞描述 A directory traversal vulnerability in the Percha Image Attach (com_perchaimageatta...

漏洞标题 CVE-2020-24312: WordPress Plugin File Manager (wp-file-manager) Backup Disclosure 漏洞描述 mndpsingh287 WP File Manager v6.4 and lower fails to restrict external access to...

漏洞标题 CVE-2021-34473: Exchange Server - Remote Code Execution 漏洞描述 Microsoft Exchange Server is vulnerable to a remote code execution vulnerability. This CVE ID is unique fr...

漏洞标题 CVE-2015-7297: Joomla Core SQL Injection 漏洞描述 Joomla 3.4.4 之前的 3.2 SQL 注入漏洞 Joomla 中的 SQL 注入漏洞！3.4.4 之前的 3.2 允许远程攻击者通过未指定的向量执行任意 SQ...

漏洞报告 【 U.S. Dept Of Defense】Expired SSL Certificate allows credentials steal http://hackerone.com/reports/1344951 【 U.S. Dept Of Defense】Unauthenticated Access to Admin Pan...

漏洞标题 (CVE-2025-4123) Grafana 路径遍历与开放重定向导致的跨站脚本漏洞 漏洞描述 (CVE-2025-4123) Grafana 路径遍历与开放重定向导致的跨站脚本漏洞 PoC代码 暂无

推荐一个项目， http://github.com/test502git/awvs13_batch_py3 用于对Apache-log4j漏洞进行自查，用的是AWVS14，所以检测效果与覆盖面 都比较好 脚本是增加仅log4j专项 与批量添加功能，还有...

漏洞标题 CVE-2023-44353: Adobe ColdFusion WDDX Deserialization Gadgets 漏洞描述 Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Deserial...

漏洞标题 CVE-2020-35951: Wordpress Quiz and Survey Master <7.0.1 - Arbitrary File Deletion 漏洞描述 Wordpress Quiz and Survey Master <7.0.1 allows users to delete arbitrary f...

漏洞标题 CVE-2021-27877: Veritas Backup Exec - Broken Authentication 漏洞描述 An issue was discovered in Veritas Backup Exec before 21.2. It supports multiple authentication scheme...