漏洞标题 CVE-2020-5847: UnRaid <=6.80 - Remote Code Execution 漏洞描述 UnRaid <=6.80 allows remote unauthenticated attackers to execute arbitrary code. PoC代码

漏洞标题 CVE-2022-0735: GitLab CE/EE - Information Disclosure 漏洞描述 GitLab CE/EE is susceptible to information disclosure. An attacker can access runner registration tokens usin...

漏洞标题 CVE-2022-0760: WordPress Simple Link Directory <7.7.2 - SQL injection 漏洞描述 WordPress Simple Link Directory plugin before 7.7.2 contains a SQL injection vulnerabilit...

漏洞标题 CVE-2013-2287: WordPress Plugin Uploader 1.0.4 - Cross-Site Scripting 漏洞描述 Multiple cross-site scripting vulnerabilities in views/notify.php in the Uploader plugin 1.0...

漏洞标题 CVE-2023-4596: WordPress Plugin Forminator 1.24.6 - Arbitrary File Upload 漏洞描述 The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to file ...

漏洞标题 CVE-2010-20103: ProFTPd-1.3.3c - Backdoor Command Execution 漏洞描述 ProFTPD 1.3.3c contains a command injection backdoor caused by a hidden FTP command trigger in the sou...

漏洞标题 CVE-2017-12794: Django Debug Page - Cross-Site Scripting 漏洞描述 Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5 has HTML autoescaping disabled in a portion of the t...

漏洞标题 CVE-2021-23241: MERCUSYS Mercury X18G 1.0.5 Router - Local File Inclusion 漏洞描述 MERCUSYS Mercury X18G 1.0.5 devices are vulnerable to local file inclusion via ../ in co...

漏洞标题 CVE-2022-45933: KubeView <=0.1.31 - Information Disclosure 漏洞描述 KubeView through 0.1.31 is susceptible to information disclosure. An attacker can obtain control of ...

漏洞标题 CVE-2024-9796: WordPress WP-Advanced-Search <= 3.3.9 - SQL Injection 漏洞描述 The WordPress WP-Advanced-Search plugin for WordPress is vulnerable to SQL Injection in al...

漏洞标题 CVE-2019-18371: Xiaomi Mi WiFi R3G Routers - Local file Inclusion 漏洞描述 Xiaomi Mi WiFi R3G devices before 2.28.23-stable are susceptible to local file inclusion vulnera...

漏洞标题 Aiohttp CVE-2024-23334 目录遍历漏洞 漏洞描述 Aiohttp 是一款开源的用于 asyncio 和 Python 的异步 HTTP 客户端/服务器框架。Aiohttp 存在目录遍历漏洞，此漏洞是由于应用程序读取文...

漏洞标题 CVE-2019-11507: Pulse Secure Pulse Connect Secure - Cross-Site Scripting (Reflected) 漏洞描述 Pulse Secure Pulse Connect Secure (PCS) 8.3.x before 8.3R7.1 and 9.0.x before...

漏洞标题 CVE-2020-35729: Klog Server <=2.41 - Unauthenticated Command Injection 漏洞描述 Klog Server 2.4.1 and prior is susceptible to an unauthenticated command injection vulne...

漏洞标题 CVE-2022-1950: Wordpress Youzify sql injection 漏洞描述 The Youzify WordPress plugin before 1.2.0 does not sanitise and escape a parameter before using it in a SQL stateme...

漏洞标题 CVE-2023-49230: Peplink Balance Two before 8.4.0 - Unauthenticated Config Upload 漏洞描述 A vulnerability in Peplink Balance Two prior to version 8.4.0 allows unauthentica...