漏洞标题 CVE-2013-4625: WordPress Plugin Duplicator < 0.4.5 - Cross-Site Scripting 漏洞描述 A cross-site scripting vulnerability in files/installer.cleanup.php in the Duplicator...

漏洞标题 CVE-2023-5360: WordPress Royal Elementor Addons Plugin <= 1.3.78 - Arbitrary File Upload 漏洞描述 Arbitrary File Upload vulnerability in WordPress Royal Elementor Addon...

漏洞标题 CVE-2025-49844: Redis Lua Parser < 8.2.2 - Use After Free 漏洞描述 Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an ...

漏洞标题 CVE-2020-9402: Django SQL Injection 漏洞描述 Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allow SQL injection if untrusted data is used as a toleran...

漏洞标题 CVE-2018-18777: Microstrategy Web 7 - Local File Inclusion 漏洞描述 Microstrategy Web 7 is vulnerable to local file inclusion via "/WebMstr7/servlet/mstrWeb" (in...

漏洞标题 CVE-2018-19877: Adiscon LogAnalyzer <4.1.7 - Cross-Site Scripting 漏洞描述 Adiscon LogAnalyzer before 4.1.7 contains a cross-site scripting vulnerability in the 'r...

漏洞标题 CVE-2025-30567: WordPress WP01 - Path Traversal 漏洞描述 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in wp01ru W...

漏洞标题 CVE-2019-19824: TOTOLINK Realtek SD Routers - Remote Command Injection 漏洞描述 TOTOLINK Realtek SDK based routers may allow an authenticated attacker to execute arbitrary...

漏洞标题 CVE-2014-6287: HTTP File Server <2.3c - Remote Command Execution 漏洞描述 HTTP File Server before 2.3c is susceptible to remote command execution. The findMacroMarker f...

漏洞标题 CVE-2020-14413: NeDi 1.9C - Cross-Site Scripting 漏洞描述 NeDi 1.9C is vulnerable to cross-site scripting because of an incorrect implementation of sanitize() in inc/libmi...

漏洞标题 CVE-2025-25231: Omnissa Workspace ONE UEM - Path Traversal 漏洞描述 Omnissa Workspace ONE UEM contains a path traversal caused by crafted GET requests to restricted API en...

漏洞标题 CVE-2022-3982: WordPress Booking Calendar <3.2.2 - Arbitrary File Upload 漏洞描述 WordPress Booking Calendar plugin before 3.2.2 is susceptible to arbitrary file upload...

漏洞标题 CVE-2021-29490: Jellyfin 10.7.2 - Server Side Request Forgery 漏洞描述 Jellyfin is a free software media system. Versions 10.7.2 and below are vulnerable to unauthenticate...

漏洞标题 CVE-2023-34048: VMware vCenter Server - Out-of-Bounds Write 漏洞描述 vCenter Server contains an out-of-bounds write caused by a vulnerability in the DCERPC protocol implem...

漏洞标题 CVE-2022-22965: Spring - Remote Code Execution 漏洞描述 Spring MVC and Spring WebFlux applications running on Java Development Kit 9+ are susceptible to remote code execut...

漏洞标题 CVE-2024-9264: Grafana Post-Auth DuckDB - SQL Injection To File Read 漏洞描述 The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` que...