漏洞标题 CVE-2019-25213: WordPress Advanced Access Manager - Path Traversal 漏洞描述 The Advanced Access Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary Fil...

漏洞标题 CVE-2019-10758: mongo-express Remote Code Execution 漏洞描述 mongo-express before 0.54.0 is vulnerable to remote code execution via endpoints that uses the `toBSON` method...

漏洞标题 Apache Solr CVE-2019-0193 DataImportHandler 代码执行漏洞 漏洞描述 Apache Solr 中存在代码执行漏洞。该漏洞是由于DataImportHandler模块对用户输入的数据验证不足导致的。 PoC代码...

漏洞标题 CVE-2019-15889: WordPress Download Manager <2.9.94 - Cross-Site Scripting 漏洞描述 WordPress Download Manager plugin before 2.9.94 contains a cross-site scripting vulne...

漏洞标题 CVE-2019-2767: Oracle Business Intelligence Publisher - XML External Entity Injection 漏洞描述 Oracle Business Intelligence Publisher is vulnerable to an XML external enti...

漏洞标题 CVE-2019-9881: WPEngine WPGraphQL 0.2.3 - Unauthenticated Comment Posting 漏洞描述 The createComment mutation in the WPGraphQL 0.2.3 plugin for WordPress allows unauthenti...

漏洞标题 CVE-2019-3398: Atlassian Confluence Download Attachments - Remote Code Execution 漏洞描述 Confluence Server and Data Center had a path traversal vulnerability in the downl...

漏洞标题 CVE-2019-16920: D-Link Routers - Remote Code Execution 漏洞描述 D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565 contain an unauthenticated remote code ex...

漏洞标题 CVE-2019-10692: WordPress Google Maps <7.11.18 - SQL Injection 漏洞描述 WordPress Google Maps plugin before 7.11.18 contains a SQL injection vulnerability. The plugin i...

漏洞标题 CVE-2019-11248: Debug Endpoint pprof - Exposure Detection 漏洞描述 The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. This debug...

漏洞标题 CVE-2019-13372: D-Link Central WiFi Manager CWM(100) - Remote Code Execution 漏洞描述 /web/Lib/Action/IndexAction.class.php in D-Link Central WiFi Manager CWM(100) before ...

漏洞标题 CVE-2019-20224: Pandora FMS 7.0NG - Remote Command Injection 漏洞描述 Pandora FMS 7.0NG allows remote authenticated users to execute arbitrary OS commands via shell metach...

漏洞标题 CVE-2019-5129: YouPHPTube Encoder 2.3 - Command Injection 漏洞描述 Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing en...

漏洞标题 CVE-2019-20183: Simple Employee Records System 1.0 - Unrestricted File Upload 漏洞描述 Simple Employee Records System 1.0 contains an arbitrary file upload vulnerability d...

漏洞标题 CVE-2019-0230: Apache Struts <=2.5.20 - Remote Code Execution S2-059 漏洞描述 Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation when evaluated on raw user inp...

漏洞标题 CVE-2019-12276: GrandNode 4.40 - Local File Inclusion 漏洞描述 GrandNode 4.40 is susceptible to local file inclusion in Controllers/LetsEncryptController.cs, which allows ...