漏洞标题 CVE-2020-19295: Jeesns 1.4.2 - Cross-Site Scripting 漏洞描述 Jeesns 1.4.2 is vulnerable to reflected cross-site scripting in the /weibo/topic component and allows attacker...

漏洞标题 CVE-2021-40542: Opensis-Classic 8.0 - Cross-Site Scripting 漏洞描述 Opensis-Classic Version 8.0 is affected by cross-site scripting. An unauthenticated user can inject and...

漏洞标题 CVE-2024-6586: Lightdash v0.1024.6 - Server-Side Request Forgery 漏洞描述 Server-Side Request Forgery (“SSRF”) in the export dashboard functionality of Lightdash version...

漏洞标题 CVE-2022-29775: iSpy 7.2.2.0 - Authentication Bypass 漏洞描述 iSpy 7.2.2.0 contains an authentication bypass vulnerability. An attacker can craft a URL and possibly obtain...

漏洞标题 CVE-2023-3849: mooDating 1.2 - Cross-site scripting 漏洞描述 A vulnerability, which was classified as problematic, was found in mooSocial mooDating 1.2. Affected is an unk...

漏洞标题 CVE-2025-1661: HUSKY – Products Filter Professional for WooCommerce <= 1.3.6.5 - Unauthenticated Local File Inclusion 漏洞描述 The HUSKY – Products Filter Professiona...

漏洞标题 CVE-2024-4956: Sonatype Nexus Repository Manager 3 - Local File Inclusion 漏洞描述 Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read...

漏洞标题 CVE-2022-31161: Roxy-WI - Remote Code Execution 漏洞描述 Roxy-WI before 6.1.1.0 is susceptible to remote code execution. System commands can be run remotely via the delcer...

漏洞标题 CVE-2021-24212: WooCommerce Help Scout - Arbitrary File Upload 漏洞描述 WooCommerce Help Scout plugin before version 2.9.1 contains an unrestricted file upload vulnerabili...

漏洞标题 CVE-2020-10199: Nexus Repository before 3.21.2 allows JavaEL Injection 漏洞描述 漏洞触发需要任意账户权限 body="Nexus Repository Manager" app="Nexus-Reposito...

漏洞标题 CVE-2010-2680: Joomla! Component jesectionfinder - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the JExtensions JE Section/Property Finder (jesecti...

漏洞标题 CVE-2024-10708: System Dashboard < 2.8.15 - Admin+ Path Traversal 漏洞描述 The System Dashboard WordPress plugin before 2.8.15 does not validate user input used in a pa...

漏洞标题 CVE-2021-24666: WordPress Podlove Podcast Publisher <3.5.6 - SQL Injection 漏洞描述 WordPress Podlove Podcast Publisher plugin before 3.5.6 is susceptible to SQL inject...

漏洞标题 CVE-2019-19825: TOTOLINK/Realtek Routers - CAPTCHA Bypass 漏洞描述 On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via a POST request to t...

漏洞标题 CVE-2023-25194: Apache Druid Kafka Connect - Remote Code Execution 漏洞描述 The vulnerability has the potential to enable a remote attacker with authentication to run any ...

漏洞标题 CVE-2021-27250: D-LINK DAP-2020 webproc 任意文件读取漏洞 漏洞描述 This vulnerability allows network-adjacent attackers to disclose sensitive information on affected instal...