漏洞标题 CVE-2019-18371: Xiaomi Mi WiFi R3G Routers - Local file Inclusion 漏洞描述 Xiaomi Mi WiFi R3G devices before 2.28.23-stable are susceptible to local file inclusion vulnera...

漏洞标题 CVE-2019-16332: WordPress API Bearer Auth <20190907 - Cross-Site Scripting 漏洞描述 WordPress API Bearer Auth plugin before 20190907 contains a cross-site scripting vul...

漏洞标题 CVE-2019-11581: Atlassian Jira Server-Side Template Injection 漏洞描述 Jira Server and Data Center is susceptible to a server-side template injection vulnerability via the...

漏洞标题 CVE-2019-17232: WordPress Ultimate FAQs <= 1.8.24 – Unauthenticated Options Import and Export 漏洞描述 Functions/EWD_UFAQ_Import.php in the ultimate-faqs plugin throug...

漏洞标题 CVE-2019-16313: ifw8 Router ROM v4.31 - Credential Discovery 漏洞描述 ifw8 Router ROM v4.31 is vulnerable to credential disclosure via action/usermanager.htm HTML source c...

漏洞标题 CVE-2019-10758: mongo-express Remote Code Execution 漏洞描述 mongo-express before 0.54.0 is vulnerable to remote code execution via endpoints that uses the `toBSON` method...

漏洞标题 CVE-2019-1821: Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager - Remote Code Execution 漏洞描述 Cisco Prime Infrastructure (PI) and Cisco Evolved...

漏洞标题 Apache Solr CVE-2019-0193 DataImportHandler 代码执行漏洞 漏洞描述 Apache Solr 中存在代码执行漏洞。该漏洞是由于DataImportHandler模块对用户输入的数据验证不足导致的。 PoC代码...

漏洞标题 CVE-2019-9978: WordPress Social Warfare <3.5.3 - Cross-Site Scripting 漏洞描述 WordPress Social Warfare plugin before 3.5.3 contains a cross-site scripting vulnerabilit...

漏洞标题 CVE-2019-6802: Pypiserver <1.2.5 - Carriage Return Line Feed Injection 漏洞描述 Pypiserver through 1.2.5 and below is susceptible to carriage return line feed injection...

漏洞标题 CVE-2019-12725: Zeroshell 3.9.0 - Remote Command Execution 漏洞描述 Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs b...

漏洞标题 CVE-2019-9762: PHPSHE 1.7 - SQL Injection 漏洞描述 A SQL Injection was discovered in PHPSHE 1.7 in include/plugin/payment/alipay/pay.php with the parameter id. The vulnera...

漏洞标题 Atlassian Jira 用户枚举(CVE-2019-3403) 漏洞描述 8.1.1之前的Jira通过searchOwnerUserName参数中的ConfigurePortalPages.jspa资源包含跨站点脚本漏洞。 PoC代码 暂无

漏洞标题 CVE-2019-16332: WordPress API Bearer Auth <20190907 - Cross-Site Scripting 漏洞描述 WordPress API Bearer Auth plugin before 20190907 contains a cross-site scripting vul...

漏洞标题 CVE-2019-17231: WordPress OneTone theme <= 3.0.6 – Unauthenticated Stored XSS 漏洞描述 includes/theme-functions.php in the OneTone theme through 3.0.6 for WordPress ha...

漏洞标题 CVE-2019-2767: Oracle Business Intelligence Publisher - XML External Entity Injection 漏洞描述 Oracle Business Intelligence Publisher is vulnerable to an XML external enti...