漏洞标题 CVE-2018-10562: Dasan GPON Devices - Remote Code Execution 漏洞描述 Dasan GPON home routers are susceptible to command injection which can occur via the dest_host paramete...

漏洞标题 CVE-2008-7269: UC Gateway Investment SiteEngine v5.0 - Open Redirect 漏洞描述 Open redirect vulnerability in api.php in SiteEngine 5.x allows user-assisted remote attacker...

漏洞标题 CVE-2024-3822: Base64 Encoder/Decoder <= 0.9.2 - Cross-Site Scripting 漏洞描述 The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not sanitise and escape a ...

漏洞标题 CVE-2023-3368: Chamilo LMS <= v1.11.20 Unauthenticated Command Injection 漏洞描述 Command injection in `/main/webservices/additional_webservices.php` in Chamilo LMS <...

漏洞标题 CVE-2023-2624: KiviCare WordPress Plugin - Cross-Site Scripting 漏洞描述 The KiviCare WordPress plugin before 3.2.1 does not sanitise and escape the 'filterType'...

漏洞标题 CVE-2021-39350: FV Flowplayer Video Player WordPress plugin - Authenticated Cross-Site Scripting 漏洞描述 The FV Flowplayer Video Player WordPress plugin is vulnerable to ...

漏洞标题 CVE-2020-10189: ManageEngine Desktop Central Java Deserialization 漏洞描述 Zoho ManageEngine Desktop Central before 10.0.474 is vulnerable to a deserialization of untruste...

漏洞标题 CVE-2023-1408: Video List Manager <= 1.7 - SQL Injection 漏洞描述 The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leadi...

漏洞标题 CVE-2020-26413: Gitlab CE/EE 13.4 - 13.6.2 - Information Disclosure 漏洞描述 GitLab CE and EE 13.4 through 13.6.2 is susceptible to Information disclosure via GraphQL. Use...

漏洞标题 CVE-2024-4399: WordPress CAS Theme <= 1.0.0 - Server-Side Request Forgery 漏洞描述 The CAS WordPress theme through version 1.0.0 is vulnerable to Server-Side Request Fo...

漏洞标题 CVE-2022-29349: kkFileView 4.0.0 - Cross-Site Scripting 漏洞描述 kkFileView 4.0.0 contains multiple cross-site scripting vulnerabilities via the urls and currentUrl parame...

漏洞标题 CVE-2022-1580: Site Offline WP Plugin < 1.5.3 - Authorization Bypass 漏洞描述 The plugin prevents users from accessing a website but does not do so if the URL contained...

漏洞标题 CVE-2020-24903: Cute Editor for ASP.NET 6.4 - Cross-Site Scripting 漏洞描述 Cute Editor for ASP.NET 6.4 contains a cross-site scripting vulnerability. An attacker can inje...

漏洞标题 CVE-2020-14181: Jira Server and Data Center - Information Disclosure 漏洞描述 Jira Server and Data Center is susceptible to information disclosure. An attacker can enumera...

漏洞标题 CVE-2022-3590: WordPress <= 6.2 - Server Side Request Forgery 漏洞描述 WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a TOCT...

漏洞标题 CVE-2023-5222: Viessmann Vitogate 300 - Hardcoded Password 漏洞描述 A critical vulnerability in Viessmann Vitogate 300 up to 2.1.3.0 allows attackers to authenticate using...