漏洞标题 CVE-2022-25481: ThinkPHP 5.0.24 - Information Disclosure 漏洞描述 ThinkPHP 5.0.24 is susceptible to information disclosure. This version was configured without the PATHINF...

漏洞标题 CVE-2021-41291: ECOA Building Automation System - Directory Traversal Content Disclosure 漏洞描述 The ECOA BAS controller suffers from a directory traversal content disclo...

漏洞标题 CVE-2019-19825: TOTOLINK/Realtek Routers - CAPTCHA Bypass 漏洞描述 On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via a POST request to t...

漏洞标题 CVE-2022-4971: Sassy Social Share <= 3.3.3 - Cross-Site Scripting 漏洞描述 The Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting v...

漏洞标题 CVE-2020-29227: Car Rental Management System 1.0 - Local File Inclusion 漏洞描述 Car Rental Management System 1.0 allows an unauthenticated user to perform a file inclusio...

漏洞标题 CVE-2020-8115: Revive Adserver <=5.0.3 - Cross-Site Scripting 漏洞描述 Revive Adserver 5.0.3 and prior contains a reflected cross-site scripting vulnerability in the pu...

漏洞标题 CVE-2019-14205: WordPress Nevma Adaptive Images <0.6.67 - Local File Inclusion 漏洞描述 WordPress Nevma Adaptive Images plugin before 0.6.67 allows remote attackers to ...

漏洞标题 CVE-2022-0140: WordPress Visual Form Builder <3.0.8 - Information Disclosure 漏洞描述 WordPress Visual Form Builder plugin before 3.0.8 contains a information disclosur...

漏洞标题 CVE-2025-34035: EnGenius EnShare IoT Gigabit Cloud Service 1.4.11 Root Remote Code Execution 漏洞描述 An OS command injection vulnerability exists in EnGenius EnShare Clou...

漏洞标题 CVE-2021-24947: WordPress Responsive Vector Maps < 6.4.2 - Arbitrary File Read 漏洞描述 WordPress Responsive Vector Maps < 6.4.2 contains an arbitrary file read vuln...

漏洞标题 CVE-2020-28185: TerraMaster TOS < 4.2.06 - User Enumeration 漏洞描述 User Enumeration vulnerability in TerraMaster TOS <= 4.2.06 allows remote unauthenticated attack...

漏洞标题 CVE-2020-35847: Agentejo Cockpit <0.11.2 - NoSQL Injection 漏洞描述 Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword func...

漏洞标题 CVE-2024-1512: MasterStudy LMS WordPress Plugin <= 3.2.5 - SQL Injection 漏洞描述 The MasterStudy LMS WordPress Plugin for Online Courses and Education plugin for WordP...

漏洞标题 CVE-2019-18394: Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery 漏洞描述 Ignite Realtime Openfire through version 4.4.2 allows attackers to send arbitrar...

漏洞标题 CVE-2024-8877: Riello Netman 204 - SQL Injection 漏洞描述 The three endpoints /cgi-bin/db_datalog_w.cgi, /cgi-bin/db_eventlog_w.cgi, and /cgi-bin/db_multimetr_w.cgi are vu...

漏洞标题 CVE-2022-31181: PrestaShop - SQL Injection to Eval Injection 漏洞描述 PrestaShop versions from 1.6.0.10 and before 1.7.8.7 contain an SQL injection caused by unsanitized u...