漏洞标题 CVE-2019-17671: WordPress <= 5.2.4 - Unauthenticated View Private/Draft Posts 漏洞描述 WordPress before 5.2.4 contains an information disclosure caused by mishandling o...

漏洞标题 CVE-2019-1653: Cisco Small Business WAN VPN Routers - Sensitive Information Disclosure 漏洞描述 Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could all...

漏洞标题 CVE-2019-13372: D-Link Central WiFi Manager CWM(100) - Remote Code Execution 漏洞描述 /web/Lib/Action/IndexAction.class.php in D-Link Central WiFi Manager CWM(100) before ...

漏洞标题 Atlassian Jira 信息泄露(CVE-2019-3401) 漏洞描述 Jira 7.13.3之前版本和8.1.1之前版本8.0.0中的ManageFilters.jspa资源允许远程攻击者通过不正确的授权检查枚举用户名。 PoC代码 暂...

漏洞标题 CVE-2019-12581: Zyxel ZyWal/USG/UAG Devices - Cross-Site Scripting 漏洞描述 Zyxel ZyWall, USG, and UAG devices allow remote attackers to inject arbitrary web script or HTM...

漏洞标题 CVE-2019-14470: WordPress UserPro 4.9.32 - Cross-Site Scripting 漏洞描述 WordPress UserPro 4.9.32 is vulnerable to reflected cross-site scripting because the Instagram PHP...

漏洞标题 CVE-2019-10647: ZZZCMS ZZZPHP 1.6.3 – Remote PHP Code Execution (RCE) 漏洞描述 ZZZCMS zzzphp v1.6.3 contains a remote code execution caused by lack of restrictions in inc...

漏洞标题 CVE-2019-11869: WordPress Yuzo <5.12.94 - Cross-Site Scripting 漏洞描述 WordPress Yuzo Related Posts plugin before 5.12.94 is vulnerable to cross-site scripting because...

漏洞标题 CVE-2019-9762: PHPSHE 1.7 - SQL Injection 漏洞描述 A SQL Injection was discovered in PHPSHE 1.7 in include/plugin/payment/alipay/pay.php with the parameter id. The vulnera...

漏洞标题 CVE-2019-8982: Wavemaker Studio 6.6 - Local File Inclusion/Server-Side Request Forgery 漏洞描述 WaveMaker Studio 6.6 mishandles the studioService.download?method=getConten...

漏洞标题 CVE-2019-3396: Atlassian Confluence Server - Path Traversal 漏洞描述 The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for...

漏洞标题 CVE-2019-20504: Dell KACE Systems Management Appliance (K1000) 6.4.120756 - Remote Code Execution 漏洞描述 service/krashrpt.php in Quest KACE K1000 Systems Management Appl...

漏洞标题 Atlassian Jira 信息泄露(CVE-2019-3401) 漏洞描述 Jira 7.13.3之前版本和8.1.1之前版本8.0.0中的ManageFilters.jspa资源允许远程攻击者通过不正确的授权检查枚举用户名。 PoC代码 暂...

漏洞标题 CVE-2019-2588: Oracle Business Intelligence - Path Traversal 漏洞描述 Oracle Business Intelligence versions 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0 are vulnerable to path tr...

漏洞标题 CVE-2019-17270: Yachtcontrol Webapplication 1.0 - Remote Command Injection 漏洞描述 Yachtcontrol Webapplication 1.0 makes it possible to perform direct operating system co...

漏洞标题 CVE-2019-7219: Zarafa WebApp <=2.0.1.47791 - Cross-Site Scripting 漏洞描述 Zarafa WebApp 2.0.1.47791 and earlier contains an unauthenticated reflected cross-site script...