漏洞标题 CVE-2023-28121: WooCommerce Payments - Unauthorized Admin Access 漏洞描述 An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauth...

漏洞标题 CVE-2016-1000132: WordPress enhanced-tooltipglossary 3.2.8 - Cross-Site Scripting 漏洞描述 WordPress enhanced-tooltipglossary 3.2.8 contains a reflected cross-site scripti...

漏洞标题 CVE-2024-4340: sqlparse - Denial of Service 漏洞描述 Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError. PoC代码

漏洞标题 CVE-2021-39144: XStream 1.4.18 - Remote Code Execution 漏洞描述 XStream 1.4.18 is susceptible to remote code execution. An attacker can execute commands of the host by man...

漏洞标题 CVE-2019-8086: Adobe Experience Manager - XML External Entity Injection 漏洞描述 Adobe Experience Manager 6.5, 6.4, 6.3 and 6.2 are susceptible to XML external entity inje...

漏洞标题 CVE-2024-0195: SpiderFlow Crawler Platform - Remote Code Execution 漏洞描述 A vulnerability, which was classified as critical, was found in spider-flow 0.4.3. Affected is ...

漏洞标题 CVE-2017-18598: WordPress Qards - Cross-Site Scripting 漏洞描述 WordPress Qards through 2017-10-11 contains a cross-site scripting vulnerability via a remote document spec...

漏洞标题 CVE-2023-1546: MyCryptoCheckout < 2.124 - Cross-Site Scripting 漏洞描述 The MyCryptoCheckout WordPress plugin before 2.124 does not escape some URLs before outputting t...

漏洞标题 CVE-2022-2461: Transposh WordPress Translation <= 1.0.8 - Unauthenticated Settings Change 漏洞描述 The Transposh WordPress Translation plugin for WordPress is vulnerabl...

漏洞标题 CVE-2022-43018: OpenCATS 0.9.6 - Cross-Site Scripting 漏洞描述 OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the email parameter in the Check Email func...

漏洞标题 CVE-2014-6308: Osclass Security Advisory 3.4.1 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in OSClass before 3.4.2 allows remote attackers to read ...

漏洞标题 CVE-2019-9618: WordPress GraceMedia Media Player 1.0 - Local File Inclusion 漏洞描述 WordPress GraceMedia Media Player plugin 1.0 is susceptible to local file inclusion vi...

漏洞标题 CVE-2024-40711: Veeam Backup & Replication - Unauthenticated 漏洞描述 A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthent...

漏洞标题 CVE-2025-2539: File Away <= 3.9.9.0.1 - Missing Authorization to Unauthenticated Arbitrary File Read 漏洞描述 The File Away plugin for WordPress is vulnerable to unauth...

漏洞标题 Bylancer Quicklancer CVE-2024-7188 SQL注入漏洞 漏洞描述 Bylancer Quicklancer是Bylancer公司的一个自由职业者平台。Bylancer Quicklancer 存在SQL注入漏洞。此漏洞是由于对用户发...

漏洞标题 CVE-2024-30269: DataEase <= 2.4.1 - Sensitive Information Exposure 漏洞描述 DataEase, an open source data visualization and analysis tool, has a database configuration ...