漏洞标题 CVE-2020-13117: Wavlink Multiple AP - Remote Command Injection 漏洞描述 Wavlink products are affected by a vulnerability that may allow remote unauthenticated users to exe...

漏洞标题 CVE-2021-39146: XStream 1.4.18 - Arbitrary Code Execution 漏洞描述 XStream 1.4.18 is susceptible to remote code execution. An attacker can execute commands of the host by ...

漏洞标题 CVE-2024-22024: Ivanti Pulse Connect Secure VPN XXE 漏洞描述 An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti...

漏洞标题 CVE-2024-47073: DataEase v2.10.2 - JWT Signature Verification Bypass 漏洞描述 DataEase is an open source data visualization analysis tool that helps users quickly analyze ...

漏洞标题 CVE-2020-6207: SAP Solution Manager 7.2 - Remote Command Execution 漏洞描述 SAP Solution Manager (SolMan) running version 7.2 has a remote command execution vulnerability ...

漏洞标题 CVE-2018-7600: Drupal - Remote Code Execution 漏洞描述 Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute ...

漏洞标题 Apache OFBiz StatsSinceStart 远程代码执行漏洞（CVE-2024-45507） 漏洞描述 Apache OFBiz 18.12.16 之前的版本在 Linux 和 Windows 系统上存在未经身份验证的远程代码执行漏洞。 PoC...

漏洞标题 CVE-2023-34362: MOVEit Transfer - Remote Code Execution 漏洞描述 In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1...

漏洞标题 CVE-2022-22897: PrestaShop AP Pagebuilder <= 2.4.4 - SQL Injection 漏洞描述 A SQL injection vulnerability in the product_all_one_img and image_product parameters of the...

漏洞标题 CVE-2020-36708: WordPress Epsilon Framework Themes <=2.4.8 - Remote Code Execution 漏洞描述 WordPress themes including Shapely <= 1.2.7, NewsMag <= 2.4.1, Activel...

漏洞标题 Apache mod_proxy SSRF（CVE-2021-40438） 漏洞描述 Apache提供了mod_proxy模块用于提供代理服务，能够支持的包括正向代理、反向代理、透明代理、缓存、负载均衡，HTTP代理、FTP代理、...

漏洞标题 CVE-2023-1496: Imgproxy < 3.14.0 - Cross-site Scripting (XSS) 漏洞描述 Cross-site Scripting (XSS) - Reflected in GitHub repository imgproxy/imgproxy prior to 3.14.0. Po...

漏洞标题 CVE-2013-4625: WordPress Plugin Duplicator < 0.4.5 - Cross-Site Scripting 漏洞描述 A cross-site scripting vulnerability in files/installer.cleanup.php in the Duplicator...

漏洞标题 CVE-2010-1081: Joomla! Component com_communitypolls 1.5.2 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the Community Polls (com_communitypolls) c...

漏洞标题 Apache OFBiz CVE-2024-38856 未授权代码执行漏洞 漏洞描述 Apache OFBiz存在未授权代码执行漏洞，该漏洞是由于ProgramExport接口对用户的权限校验不当导致的。 PoC代码 暂无

漏洞标题 CVE-2025-27112: Navidrome <=0.54.5 - Authentication Bypass in Subsonic API 漏洞描述 Navidrome is an open source web-based music collection server and streamer. Starting...