漏洞标题 Apache OFBiz CVE-2018-8033 XML外部实体注入漏洞 漏洞描述 Apache OFBiz存在XML外部实体注入漏洞，此漏洞是由于httpService接口对用户的请求验证不当导致的。 PoC代码 暂无

漏洞标题 CVE-2012-4242: WordPress Plugin MF Gig Calendar 0.9.2 - Cross-Site Scripting 漏洞描述 A cross-site scripting vulnerability in the MF Gig Calendar plugin 0.9.2 for WordPres...

漏洞标题 CVE-2023-29084: ManageEngine ADManager Plus - Command Injection 漏洞描述 Zoho ManageEngine ADManager Plus through 7180 allows for authenticated users to exploit command in...

漏洞标题 CVE-2024-10486: Google for WooCommerce <= 2.8.6 - Information Disclosure via Publicly Accessible PHP Info File 漏洞描述 The Google for WooCommerce plugin for WordPress ...

漏洞标题 CVE-2016-1000129: WordPress defa-online-image-protector <=3.3 - Cross-Site Scripting 漏洞描述 WordPress defa-online-image-protector 3.3 and before contains a reflected ...

漏洞标题 CVE-2024-0692: SolarWinds Security Event Manager - Unauthenticated RCE 漏洞描述 The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerabilit...

漏洞标题 CVE-2018-18775: Microstrategy Web 7 - Cross-Site Scripting 漏洞描述 Microstrategy Web 7 does not sufficiently encode user-controlled inputs, resulting in cross-site script...

漏洞标题 CVE-2023-27584: Dragonfly2 < 2.1.0-beta.1 - Hardcoded JWT Secret 漏洞描述 Dragonfly is an open source P2P-based file distribution and image acceleration system. It is h...

漏洞标题 Commvault /commandcenter/deployServiceCommcell.do 文件上传漏洞（CVE-2025-34028） 漏洞描述 Commvault是一款数据保护或网络弹性解决方案，为企业备份和复制套件。&nbsp;Commva...

漏洞标题 CVE-2023-34843: Traggo directory traversal 漏洞描述 CVE-2023-34843 Traggo Server 0.3.0 is vulnerable to directory traversal via a crafted GET reques fofa: "traggo&quo...

漏洞标题 CVE-2021-25085: WOOF WordPress plugin - Cross-Site Scripting 漏洞描述 The WOOF WordPress plugin does not sanitize or escape the woof_redraw_elements parameter before refle...

漏洞标题 CVE-2018-17082: Apache2 - Transfer-Encoding Chunked XSS 漏洞描述 Apache2 PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 contain a ref...

漏洞标题 CVE-2021-25297: Nagios 5.5.6-5.7.5 - Authenticated Remote Command Injection 漏洞描述 Nagios XI 5.5.6 through 5.7.5 is susceptible to authenticated remote command injection...

漏洞标题 CVE-2010-4719: Joomla! Component JRadio - Local File Inclusion 漏洞描述 A directory traversal vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allow...

漏洞标题 CVE-2023-1719: Bitrix Component - Cross-Site Scripting 漏洞描述 Global variable extraction in bitrix/modules/main/tools.php in Bitrix24 22.0.300 allows unauthenticated rem...

漏洞标题 CVE-2018-15517: D-Link Central WifiManager - Server-Side Request Forgery 漏洞描述 D-Link Central WifiManager is susceptible to server-side request forgery. The MailConnect...