漏洞标题 CVE-2010-1956: Joomla! Component Gadget Factory 1.0.0 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the Gadget Factory (com_gadgetfactory) compone...

漏洞标题 CVE-2022-2863: WordPress WPvivid Backup <0.9.76 - Local File Inclusion 漏洞描述 WordPress WPvivid Backup version 0.9.76 is vulnerable to local file inclusion because th...

漏洞标题 CVE-2023-26067: Lexmark Printers - Command Injection 漏洞描述 Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 1 of 4). PoC代码

漏洞标题 CVE-2020-5776: MAGMI - Cross-Site Request Forgery 漏洞描述 MAGMI (Magento Mass Importer) is vulnerable to cross-site request forgery (CSRF) due to a lack of CSRF tokens. R...

漏洞标题 CVE-2019-0232: Apache Tomcat `CGIServlet` enableCmdLineArguments - Remote Code Execution 漏洞描述 When running on Windows with enableCmdLineArguments enabled, the CGI Serv...

漏洞标题 CVE-2018-11231: Opencart Divido - Sql Injection 漏洞描述 OpenCart Divido plugin is susceptible to SQL injection PoC代码

前言 众所周知，FRP是一款很不错的内网穿透工具，不仅配置环境简单，只需要下载相应版本进行使用即可。今天我们来分析一下这个校验规则，然后尝试利用fofa搜索引擎，寻找不曾设置密码的，再想能...

漏洞标题 CVE-2017-9841: PHPUnit - Remote Code Execution 漏洞描述 PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data...

漏洞标题 CVE-2022-35493: eShop 3.0.4 - Cross-Site Scripting 漏洞描述 eShop 3.0.4 contains a reflected cross-site scripting vulnerability in json search parse and json response in w...

漏洞标题 CVE-2022-0599: WordPress Mapping Multiple URLs Redirect Same Page <=5.8 - Cross-Site Scripting 漏洞描述 WordPress Mapping Multiple URLs Redirect Same Page plugin 5.8 an...

漏洞标题 CVE-2021-25299: Nagios XI 5.7.5 - Cross-Site Scripting 漏洞描述 Nagios XI 5.7.5 contains a cross-site scripting vulnerability in the file /usr/local/nagiosxi/html/admin/ss...

漏洞标题 CVE-2010-0944: Joomla! Component com_jcollection - Directory Traversal 漏洞描述 A directory traversal vulnerability in the JCollection (com_jcollection) component for Joom...

漏洞标题 CVE-2024-32651: Change Detection - Server Side Template Injection 漏洞描述 A Server Side Template Injection in changedetection.io caused by usage of unsafe functions of Ji...

漏洞标题 CVE-2021-29622: Prometheus - Open Redirect 漏洞描述 Prometheus 2.23.0 through 2.26.0 and 2.27.0 contains an open redirect vulnerability. To ensure a seamless transition to...

漏洞标题 CVE-2023-47211: ManageEngine OpManager - Directory Traversal 漏洞描述 A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 1...

漏洞标题 CVE-2014-9094: WordPress DZS-VideoGallery Plugin Cross-Site Scripting 漏洞描述 Multiple cross-site scripting vulnerabilities in deploy/designer/preview.php in the Digital ...