漏洞标题 CVE-2022-37042: Zimbra Collaboration Suite 8.8.15/9.0 - Remote Code Execution 漏洞描述 Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that re...

漏洞标题 CVE-2022-0437: karma-runner DOM-based Cross-Site Scripting 漏洞描述 NPM karma prior to 6.3.14. contains a DOM-based cross-site Scripting vulnerability. PoC代码

漏洞标题 CVE-2020-28653: ManageEngine OpManager SumPDU 12.1 - 12.5.232 - Java Deserialization 漏洞描述 Zoho ManageEngine OpManager Stable build before 125203 (and Released build be...

漏洞标题 CVE-2021-46387: Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting 漏洞描述 ZyXEL ZyWALL 2 Plus Internet Security Appliance contains a cross-site scrip...

漏洞标题 CVE-2007-3010: Alcatel-Lucent OmniPCX - Remote Command Execution 漏洞描述 The OmniPCX web interface has a script "masterCGI" with a remote command execution vuln...

漏洞标题 CVE-2025-1025: Cockpit < 2.4.1 - Arbitrary File Upload 漏洞描述 Versions of the package cockpit-hq/cockpit before 2.4.1 are vulnerable to Arbitrary File Upload where an...

漏洞标题 CVE-2023-1318: osTicket < v1.16.6 - Cross-Site Scripting 漏洞描述 Cross-site Scripting (XSS) - Generic in GitHub repository osticket/osticket prior to v1.16.6. PoC代码

漏洞标题 Apache OFBiz webtools/control/xmlrpc 远程代码执行漏洞（CVE-2023-49070） 漏洞描述 Apache OFBiz是一个开源的企业资源规划（ERP）系统，提供了多种商业功能和模块。Apache OFBiz 在...

漏洞标题 CVE-2023-6380: OpenCms 14 & 15 - Open Redirect 漏洞描述 Open redirect vulnerability has been found in the Open CMS product affecting versions 14 and 15 of the 'Me...

漏洞标题 CVE-2021-25074: WordPress WebP Converter for Media < 4.0.3 - Unauthenticated Open Redirect 漏洞描述 WordPress WebP Converter for Media < 4.0.3 contains a file (passt...

漏洞标题 CVE-2023-6895: Hikvision IP ping.php - Command Execution 漏洞描述 A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK). It has b...

漏洞标题 CVE-2021-27561: YeaLink DM 3.6.0.20 - Remote Command Injection 漏洞描述 Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewal...

漏洞标题 CVE-2020-2733: JD Edwards EnterpriseOne Tools 9.2 - Information Disclosure 漏洞描述 JD Edwards EnterpriseOne Tools 9.2 is susceptible to information disclosure via the Mon...

漏洞标题 CVE-2019-5129: YouPHPTube Encoder 2.3 - Command Injection 漏洞描述 Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing en...

漏洞标题 CVE-2023-0037: WordPress 10Web Map Builder < 1.0.73 - Unauthenticated SQL Injection 漏洞描述 The 10Web Map Builder for Google Maps WordPress plugin before 1.0.73 does n...

漏洞标题 CVE-2024-8859: Mlflow < 2.17.0 - Local File Inclusion 漏洞描述 Mlflow before 2.17.0 is susceptible to local file inclusion due to path traversal in GitHub repository ml...