最新发布第820页
Apache Spark-未授权命令执行(CVE-2022-33891)
漏洞标题 Apache Spark-未授权命令执行(CVE-2022-33891) 漏洞描述 Apache Spark UI 可以设置选项 spark.acls.enable 启用 ACL,使用身份验证过滤器。用以检查用户是否具有查看或修改应用程序的...
CVE-2018-7193: osTicket < 1.10.2 - Cross-Site Scripting
漏洞标题 CVE-2018-7193: osTicket < 1.10.2 - Cross-Site Scripting 漏洞描述 Cross-site scripting (XSS) vulnerability in /scp/directory.php in Enhancesoft osTicket before 1.10.2 al...
CVE-2021-30128: Apache OFBiz <17.12.07 - Arbitrary Code Execution
漏洞标题 CVE-2021-30128: Apache OFBiz <17.12.07 - Arbitrary Code Execution 漏洞描述 Apache OFBiz before 17.12.07 is susceptible to arbitrary code execution via unsafe deserializ...
CVE-2016-1000148: WordPress S3 Video <=0.983 - Cross-Site Scripting
漏洞标题 CVE-2016-1000148: WordPress S3 Video <=0.983 - Cross-Site Scripting 漏洞描述 WordPress S3 Video and before contains a reflected cross-site scripting vulnerability which...
CVE-2019-7192: QNAP QTS and Photo Station 6.0.3 – Remote Command Execution
漏洞标题 CVE-2019-7192: QNAP QTS and Photo Station 6.0.3 - Remote Command Execution 漏洞描述 This improper access control vulnerability allows remote attackers to gain unauthorized...
CVE-2023-26255: STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion
漏洞标题 CVE-2023-26255: STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion 漏洞描述 STAGIL Navigation for Jira Menu & Themes plugin before 2.0.52 i...
Apache OFBiz CVE-2021-29200 不安全的反序列化漏洞
漏洞标题 Apache OFBiz CVE-2021-29200 不安全的反序列化漏洞 漏洞描述 Apache OFBiz存在不安全的反序列化漏洞,此漏洞是缺乏校验导致的。 PoC代码 暂无
CVE-2023-36934: MOVEit Transfer – SQL Injection
漏洞标题 CVE-2023-36934: MOVEit Transfer - SQL Injection 漏洞描述 In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2...
CVE-2024-10516: Swift Performance Lite < 2.3.7.2 - Local PHP File Inclusion
漏洞标题 CVE-2024-10516: Swift Performance Lite < 2.3.7.2 - Local PHP File Inclusion 漏洞描述 A vulnerability in Swift Performance Lite before version 2.3.7.2 allows unauthentic...
CVE-2022-2863: WordPress WPvivid Backup <0.9.76 - Local File Inclusion
漏洞标题 CVE-2022-2863: WordPress WPvivid Backup <0.9.76 - Local File Inclusion 漏洞描述 WordPress WPvivid Backup version 0.9.76 is vulnerable to local file inclusion because th...
CVE-2021-21287: MinIO Browser API – Server-Side Request Forgery
漏洞标题 CVE-2021-21287: MinIO Browser API - Server-Side Request Forgery 漏洞描述 MinIO Browser API before version RELEASE.2021-01-30T00-20-58Z contains a server-side request forge...
Altenergy电力系统控制软件 /index.php/display/status_zigbee SQL 注入漏洞(CVE-2024-11305)
漏洞标题 Altenergy电力系统控制软件 /index.php/display/status_zigbee SQL 注入漏洞(CVE-2024-11305) 漏洞描述 Altenergy电力系统控制软件是Altenergy Power System推出的一款专业软件,专...
CVE-2023-49230: Peplink Balance Two before 8.4.0 – Unauthenticated Config Upload
漏洞标题 CVE-2023-49230: Peplink Balance Two before 8.4.0 - Unauthenticated Config Upload 漏洞描述 A vulnerability in Peplink Balance Two prior to version 8.4.0 allows unauthentica...
CVE-2023-0676: phpIPAM 1.5.1 – Cross-site Scripting
漏洞标题 CVE-2023-0676: phpIPAM 1.5.1 - Cross-site Scripting 漏洞描述 Cross-site Scripting (XSS) - Reflected in GitHub repository phpipam/phpipam prior to 1.5.1. PoC代码
CVE-2022-47945: Thinkphp Lang – Local File Inclusion
漏洞标题 CVE-2022-47945: Thinkphp Lang - Local File Inclusion 漏洞描述 ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack fe...
CVE-2024-3469: GP Premium <= 2.4.0 - Cross-Site Scripting
漏洞标题 CVE-2024-3469: GP Premium <= 2.4.0 - Cross-Site Scripting 漏洞描述 The GP Premium plugin for WordPress up to 2.4.0 is vulnerable to reflected XSS via the 'message&...





