漏洞标题 CVE-2024-28397: pyload-ng js2py - Remote Code Execution 漏洞描述 An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitr...

漏洞标题 CVE-2024-3495: Wordpress Country State City Dropdown <=2.7.2 - SQL Injection 漏洞描述 The Country State City Dropdown CF7 plugin for WordPress is vulnerable to SQL Inje...

漏洞标题 CVE-2023-41538: PHPJabbers PHP Forum Script 3.0 - Cross-Site Scripting 漏洞描述 PhpJabbers PHP Forum Script 3.0 is vulnerable to Cross Site Scripting (XSS) via the keyword...

漏洞标题 CVE-2021-22145: Elasticsearch 7.10.0-7.13.3 - Information Disclosure 漏洞描述 ElasticSsarch 7.10.0 to 7.13.3 is susceptible to information disclosure. A user with the abil...

漏洞标题 CVE-2022-37299: Shirne CMS 1.2.0 - Local File Inclusion 漏洞描述 Shirne CMS 1.2.0 is vulnerable to local file inclusion which could cause arbitrary file read via /static/u...

漏洞标题 CVE-2021-38146: Wipro Holmes Orchestrator 20.4.1 - Arbitrary File Download 漏洞描述 The File Download API in Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows re...

漏洞标题 CVE-2019-17231: WordPress OneTone theme <= 3.0.6 – Unauthenticated Stored XSS 漏洞描述 includes/theme-functions.php in the OneTone theme through 3.0.6 for WordPress ha...

漏洞标题 CVE-2024-28200: N-able N-central < 2024.2 - Authentication Bypass Detection 漏洞描述 N-central server versions prior to 2024.2 contain an authentication bypass in the u...

漏洞标题 CVE-2020-11981: Apache Airflow <=1.10.10 - Command Injection 漏洞描述 An issue was found in Apache Airflow versions 1.10.10 and below. When using CeleryExecutor, if an ...

漏洞标题 CVE-2021-24746: WordPress Sassy Social Share Plugin <3.3.40 - Cross-Site Scripting 漏洞描述 WordPress plugin Sassy Social Share < 3.3.40 contains a reflected cross-s...

漏洞标题 CVE-2020-9376: DLink dir610 credentials dump 漏洞描述 D-Link DIR-610 devices allow Information Disclosure via SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1 to getcfg.php. N...

漏洞标题 CVE-2023-1317: osTicket < v1.16.6 - Cross-Site Scripting 漏洞描述 Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6. PoC代...

漏洞标题 CVE-2021-39316: WordPress DZS Zoomsounds <=6.50 - Local File Inclusion 漏洞描述 WordPress Zoomsounds plugin 6.45 and earlier allows arbitrary files, including sensitive...

漏洞标题 CVE-2020-26258: XStream <1.4.15 - Server-Side Request Forgery 漏洞描述 XStream before 1.4.15 is susceptible to server-side request forgery. An attacker can request data...

漏洞标题 CVE-2010-2033: Joomla! Percha Categories Tree 0.6 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the Percha Fields Attach (com_perchafieldsattach) ...

漏洞标题 CVE-2015-8813: Umbraco <7.4.0- Server-Side Request Forgery 漏洞描述 Umbraco before version 7.4.0 contains a server-side request forgery vulnerability in feedproxy.aspx ...