漏洞标题 CVE-2024-13624: WordPress WPMovieLibrary Plugin <= 2.1.4.8 - Cross-Site Scripting 漏洞描述 The WPMovieLibrary WordPress plugin through version 2.1.4.8 contains a reflec...

漏洞标题 CVE-2020-18268: Z-Blog <=1.5.2 - Open Redirect 漏洞描述 Z-Blog 1.5.2 and earlier contains an open redirect vulnerability via the redirect parameter in zb_system/cmd.php...

漏洞标题 CVE-2023-29887: Nuovo Spreadsheet Reader 0.5.11 - Local File Inclusion 漏洞描述 A Local File inclusion vulnerability in test.php in spreadsheet-reader 0.5.11 allows remote...

漏洞标题 CVE-2018-1000226: Cobbler - Authentication Bypass 漏洞描述 Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ and possibly even older versions, may be ...

漏洞标题 CVE-2022-40734: UniSharp aka Laravel Filemanager v2.5.1 - Directory Traversal 漏洞描述 UniSharp laravel-filemanager (aka Laravel Filemanager) through 2.5.1 allows download...

漏洞标题 CVE-2023-0037: WordPress 10Web Map Builder < 1.0.73 - Unauthenticated SQL Injection 漏洞描述 The 10Web Map Builder for Google Maps WordPress plugin before 1.0.73 does n...

漏洞标题 CVE-2024-57514: TP-Link Archer A20 v3 Router - Cross-site Scripting 漏洞描述 The TP-Link Archer A20 v3 router is vulnerable to Cross-site Scripting (XSS) due to improper h...

漏洞标题 CVE-2025-30220: GeoServer WFS - XXE Processing Vulnerability 漏洞描述 GeoServer Web Feature Service (WFS) is vulnerable to an XML External Entity (XXE) processing attack d...

漏洞标题 CVE-2023-6786: Payment Gateway for Telcell < 2.0.4 - Open Redirect 漏洞描述 The plugin does not validate the api_url parameter before redirecting the user to its value,...

漏洞标题 CVE-2022-45933: KubeView <=0.1.31 - Information Disclosure 漏洞描述 KubeView through 0.1.31 is susceptible to information disclosure. An attacker can obtain control of ...

漏洞标题 CVE-2024-37728: OfficeWeb365 Indexs Interface - Arbitrary File Read 漏洞描述 There is any file reading in the officeWeb365 Indexs interface. PoC代码

漏洞标题 CVE-2024-4455: YITH WooCommerce Ajax Search <= 2.4.0 - Cross-Site Scripting 漏洞描述 The YITH WooCommerce Ajax Search plugin for WordPress is vulnerable to Stored Cross...

漏洞标题 Apache Tomcat 远程命令执行(CVE-2025-24813) 漏洞描述 Apache Tomcat 是一个开源的 Java Servlet 容器，广泛用于运行基于 Java 的 Web 应用程序。该漏洞（CVE-2025-24813）允许远程攻...

漏洞标题 CVE-2022-22947: Spring Cloud Gateway Code Injection 漏洞描述 Applications using Spring Cloud Gateway prior to 3.1.1+ and 3.0.7+ are vulnerable to a code injection attack w...

漏洞标题 CVE-2023-43323: mooSocial 3.1.8 - External Service Interaction 漏洞描述 mooSocial 3.1.8 is vulnerable to external service interaction via multiple parameters in the post f...

漏洞标题 CVE-2024-6646: Netgear-WN604 downloadFile.php - Information Disclosure 漏洞描述 There is an information leakage vulnerability in the downloadFile.php interface of Netgear ...