漏洞标题 CVE-2024-12824: Nokri – Job Board WordPress Theme <= 1.6.2 - Unauthenticated Arbitrary Password Change 漏洞描述 The Nokri – Job Board WordPress Theme theme for WordPr...

漏洞标题 CVE-2023-20888: VMware Aria Operations for Networks - Remote Code Execution 漏洞描述 Aria Operations for Networks contains an authenticated deserialization vulnerability. ...

漏洞标题 CVE-2022-28666: Custom Product Tabs for WooCommerce < 1.7.8 - Unauthenticated Toggle Content Setting Update 漏洞描述 YIKES Inc. Custom Product Tabs for WooCommerce plug...

漏洞标题 CVE-2015-1000012: WordPress MyPixs <=0.3 - Local File Inclusion 漏洞描述 WordPress MyPixs 0.3 and prior contains a local file inclusion vulnerability. PoC代码

漏洞标题 CVE-2015-2067: Magento Server MAGMI - Directory Traversal 漏洞描述 Magento Server MAGMI (aka Magento Mass Importer) contains a directory traversal vulnerability in web/aja...

前言 今天进行wordpress更新的时间遇到了一个小问题：升级WordPress 另一更新正在进行。出现这个提示，多数情况是上传一次的更新还没有结束，然后重新点击了刷新页面，导致更新中断。 原因分析 ...

漏洞标题 CVE-2021-3374: Rstudio Shiny Server <1.5.16 - Local File Inclusion 漏洞描述 Rstudio Shiny Server prior to 1.5.16 is vulnerable to local file inclusion and source code l...

漏洞标题 CVE-2015-8399: Atlassian Confluence configuration files read 漏洞描述 Atlassian Confluence before 5.9.1 allows remote attackers to read arbitrary files via a crafted reque...

漏洞标题 CVE-2021-24212: WooCommerce Help Scout - Arbitrary File Upload 漏洞描述 WooCommerce Help Scout plugin before version 2.9.1 contains an unrestricted file upload vulnerabili...

漏洞标题 CVE-2016-1000142: WordPress MW Font Changer <=4.2.5 - Cross-Site Scripting 漏洞描述 WordPress MW Font Changer plugin 4.2.5 and before contains a cross-site scripting vu...

漏洞标题 CVE-2023-6875: WordPress POST SMTP Mailer <= 2.8.7 - Authorization Bypass 漏洞描述 The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP ...

前言 在针对ASP.NET开发的程序进行代码审计的时间，asp.net可以用C# ，VB.NET ，Jscript.net等等来开发，但是通常首选都是C#和VB.NET进行开发 审计ASP.NET的时候，首先得弄明白他的结构，他并不...

漏洞标题 CVE-2021-31589: BeyondTrust Secure Remote Access Base <=6.0.1 - Cross-Site Scripting 漏洞描述 BeyondTrust Secure Remote Access Base through 6.0.1 contains a cross-site ...

漏洞标题 CVE-2021-26085: Atlassian Confluence Server - Local File Inclusion 漏洞描述 Atlassian Confluence Server allows remote attackers to view restricted resources via local file...

漏洞标题 CVE-2020-7209: LinuxKI Toolset <= 6.01 - Remote Command Execution 漏洞描述 LinuxKI v6.0-1 and earlier are vulnerable to remote code execution. PoC代码

漏洞标题 CVE-2018-20985: WordPress Payeezy Pay <=2.97 - Local File Inclusion 漏洞描述 WordPress Plugin WP Payeezy Pay is prone to a local file inclusion vulnerability because it...