漏洞标题 CVE-2024-36991: Splunk Enterprise - Local File Inclusion 漏洞描述 In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could perform a path...

漏洞标题 CVE-2024-55457: MasterSAM Star Gate v11 - Local File Inclusion 漏洞描述 MasterSAM Star Gate v11 is vulnerable to a directory traversal attack via the endpoint /adama/adama...

漏洞标题 CVE-2018-15745: Argus Surveillance DVR 4.0.0.0 - Local File Inclusion 漏洞描述 Argus Surveillance DVR 4.0.0.0 devices allow unauthenticated local file inclusion, leading t...

漏洞标题 CVE-2022-44950: Rukovoditel <= 3.2.1 - Cross Site Scripting 漏洞描述 Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in t...

漏洞标题 CVE-2021-30497: Ivanti Avalanche 6.3.2 - Local File Inclusion 漏洞描述 Ivanti Avalanche 6.3.2 is vulnerable to local file inclusion because it allows remote unauthenticate...

漏洞标题 CVE-2018-8006: Apache ActiveMQ <=5.15.5 - Cross-Site Scripting 漏洞描述 Apache ActiveMQ versions 5.0.0 to 5.15.5 are vulnerable to cross-site scripting via the web base...

漏洞标题 CVE-2004-1641: Titan FTP ≤ 3.21 - Heap Overflow via Long Commands 漏洞描述 Titan FTP versions ≤ 3.21 contain heap overflow vulnerabilities when processing long FTP comma...

漏洞标题 CVE-2020-8772: WordPress InfiniteWP <1.9.4.5 - Authorization Bypass 漏洞描述 WordPress InfiniteWP plugin before 1.9.4.5 for WordPress contains an authorization bypass v...

漏洞标题 CVE-2023-1671: Sophos Web Appliance - Remote Code Execution 漏洞描述 A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older t...

漏洞标题 CVE-2023-46747: F5 BIG-IP - Unauthenticated RCE via AJP Smuggling 漏洞描述 CVE-2023-46747 is a critical severity authentication bypass vulnerability in F5 BIG-IP that coul...

漏洞标题 CVE-2022-24260: VoipMonitor - Pre-Auth SQL Injection 漏洞描述 A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows attackers to escalate privileges to the...

漏洞标题 CVE-2020-35847: Agentejo Cockpit <0.11.2 - NoSQL Injection 漏洞描述 Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword func...

漏洞标题 CVE-2021-29622: Prometheus - Open Redirect 漏洞描述 Prometheus 2.23.0 through 2.26.0 and 2.27.0 contains an open redirect vulnerability. To ensure a seamless transition to...

漏洞标题 CVE-2018-7193: osTicket < 1.10.2 - Cross-Site Scripting 漏洞描述 Cross-site scripting (XSS) vulnerability in /scp/directory.php in Enhancesoft osTicket before 1.10.2 al...

漏洞标题 CVE-2022-48012: OpenCATS 0.9.7 - Cross-Site Scripting 漏洞描述 OpenCATS 0.9.7 contains a cross-site scripting vulnerability via the component /opencats/index.php?m=setting...

漏洞标题 CVE-2023-45375: PrestaShop PireosPay - SQL Injection 漏洞描述 In the module “PireosPay” (pireospay) up to version 1.7.9 from 01generator.com for PrestaShop, a guest can ...