漏洞标题 CVE-2016-9299: Jenkins CLI - HTTP Java Deserialization 漏洞描述 The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitra...

漏洞标题 CVE-2019-20224: Pandora FMS 7.0NG - Remote Command Injection 漏洞描述 Pandora FMS 7.0NG allows remote authenticated users to execute arbitrary OS commands via shell metach...

漏洞标题 CVE-2020-35476: OpenTSDB 2.4.0 Remote Code Execution 漏洞描述 A remote code execution vulnerability occurs in OpenTSDB through 2.4.0 via command injection in the yrange pa...

漏洞标题 CVE-2023-1317: osTicket < v1.16.6 - Cross-Site Scripting 漏洞描述 Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6. PoC代...

漏洞标题 CVE-2018-17082: Apache2 - Transfer-Encoding Chunked XSS 漏洞描述 Apache2 PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 contain a ref...

漏洞标题 CVE-2023-1671: Sophos Web Appliance - Remote Code Execution 漏洞描述 A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older t...

漏洞标题 CVE-2022-34576: WAVLINK WN535 G3 - Improper Access Control 漏洞描述 WAVLINK WN535 G3 M35G3R.V5030.180927 is susceptible to improper access control. A vulnerability in /cgi...

漏洞标题 CVE-2022-23131: Zabbix - SAML SSO Authentication Bypass 漏洞描述 When SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor b...

漏洞标题 CVE-2022-46888: NexusPHP <1.7.33 - Cross-Site Scripting 漏洞描述 NexusPHP before 1.7.33 contains multiple cross-site scripting vulnerabilities via the secret parameter ...

漏洞标题 CVE-2017-11586: FineCMS <5.0.9 - Open Redirect 漏洞描述 FineCMS 5.0.9 contains an open redirect vulnerability via the url parameter in a sync action. An attacker can re...

漏洞标题 CVE-2020-12800: WordPress Contact Form 7 <1.3.3.3 - Remote Code Execution 漏洞描述 WordPress Contact Form 7 before 1.3.3.3 allows unrestricted file upload and remote co...

漏洞标题 CVE-2020-12116: Zoho ManageEngine OpManger - Arbitrary File Read 漏洞描述 Zoho ManageEngine OpManager Stable build before 124196 and Released build before 125125 allows an...

漏洞标题 CVE-2015-8350: WordPress Calls to Action <=2.4.3 - Authenticated Reflected XSS 漏洞描述 Calls to Action plugin before 2.5.1 for WordPress contains stored XSS caused by ...

漏洞标题 CVE-2018-10562: Dasan GPON Devices - Remote Code Execution 漏洞描述 Dasan GPON home routers are susceptible to command injection which can occur via the dest_host paramete...

漏洞标题 CVE-2022-35151: kkFileView 4.1.0 - Cross-Site Scripting 漏洞描述 kkFileView 4.1.0 contains multiple cross-site scripting vulnerabilities via the urls and currentUrl parame...

漏洞标题 CVE-2021-24387: WordPress Pro Real Estate 7 Theme <3.1.1 - Cross-Site Scripting 漏洞描述 WordPress Pro Real Estate 7 theme before 3.1.1 contains a reflected cross-site ...