漏洞标题 CVE-2019-6802: Pypiserver <1.2.5 - Carriage Return Line Feed Injection 漏洞描述 Pypiserver through 1.2.5 and below is susceptible to carriage return line feed injection...

漏洞标题 CVE-2022-34049: WAVLINK WN530HG4 - Improper Access Control 漏洞描述 Wavlink WN530HG4 M30HG4.V5030.191116 is susceptible to improper access control. An attacker can downloa...

漏洞标题 CVE-2023-42343: OpenCMS - Cross-Site Scripting 漏洞描述 OpenCMS below 10.5.1 is vulnerable to Cross-Site Scripting vulnerability. PoC代码

漏洞标题 CVE-2020-7107: WordPress Ultimate FAQ <1.8.30 - Cross-Site Scripting 漏洞描述 WordPress Ultimate FAQ plugin before 1.8.30 is susceptible to cross-site scripting via Dis...

漏洞标题 CVE-2021-31195: Microsoft Exchange Server - Cross-Site Scripting 漏洞描述 Microsoft Exchange Server, or OWA, is vulnerable to a cross-site scripting vulnerability in refur...

漏洞标题 CVE-2022-27228: Bitrix Site Manager - Remote Code Execution 漏洞描述 In the vote (aka "Polls, Votes") module before 21.0.100 of Bitrix Site Manager, a remote una...

漏洞标题 CVE-2022-0208: WordPress Plugin MapPress <2.73.4 - Cross-Site Scripting 漏洞描述 WordPress Plugin MapPress before version 2.73.4 does not sanitize and escape the '...

漏洞标题 CVE-2010-1532: Joomla! Component PowerMail Pro 1.5.3 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the givesight PowerMail Pro (com_powermail) com...

漏洞标题 CVE-2022-2627: WordPress Newspaper < 12 - Cross-Site Scripting 漏洞描述 WordPress Newspaper theme before 12 is susceptible to cross-site scripting. The does not sanitiz...

漏洞标题 CVE-2023-0948: WordPress Japanized for WooCommerce <2.5.8 - Cross-Site Scripting 漏洞描述 WordPress Japanized for WooCommerce plugin before 2.5.8 is susceptible to cros...

漏洞标题 CVE-2019-16278: nostromo 1.9.6 - Remote Code Execution 漏洞描述 nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via directory traversal i...

漏洞标题 CVE-2020-18268: Z-Blog <=1.5.2 - Open Redirect 漏洞描述 Z-Blog 1.5.2 and earlier contains an open redirect vulnerability via the redirect parameter in zb_system/cmd.php...

漏洞标题 CVE-2025-27112: Navidrome <=0.54.5 - Authentication Bypass in Subsonic API 漏洞描述 Navidrome is an open source web-based music collection server and streamer. Starting...

漏洞标题 CVE-2022-0149: WooCommerce Stored Exporter WordPress Plugin < 2.7.1 - Cross-Site Scripting 漏洞描述 The plugin was affected by a reflected cross-site scripting vulnerab...

漏洞标题 CVE-2021-21287: MinIO Browser API - Server-Side Request Forgery 漏洞描述 MinIO Browser API before version RELEASE.2021-01-30T00-20-58Z contains a server-side request forge...

漏洞标题 CVE-2019-15713: WordPress My Calendar <= 3.1.9 - Cross-Site Scripting 漏洞描述 WordPress plugin My Calendar <= 3.1.9 is susceptible to reflected cross-site scripting...