漏洞标题 CVE-2024-6235: NetScaler Console - Sensitive Information Disclosure 漏洞描述 Sensitive information disclosure in NetScaler Console PoC代码

漏洞标题 CVE-2022-22947: Spring Cloud Gateway Code Injection 漏洞描述 Applications using Spring Cloud Gateway prior to 3.1.1+ and 3.0.7+ are vulnerable to a code injection attack w...

漏洞标题 CVE-2023-41597: EyouCms v1.6.2 - Cross-Site Scripting 漏洞描述 EyouCms v1.6.2 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the compon...

漏洞标题 Apache OFBiz CVE-2018-8033 XML外部实体注入漏洞 漏洞描述 Apache OFBiz存在XML外部实体注入漏洞，此漏洞是由于httpService接口对用户的请求验证不当导致的。 PoC代码 暂无

漏洞标题 CVE-2024-54767: AVM FRITZ!Box 7530 AX - Unauthorized Access 漏洞描述 An access control issue in the component /juis_boxinfo.xml of AVM FRITZ!Box 7530 AX v7.59 allows attac...

漏洞标题 CVE-2022-2130: Microweber < 1.2.17 - Cross-Site Scripting 漏洞描述 Cross-site Scripting (XSS) vulnerability in the /demo/editor_tools/module endpoint via the 'type...

漏洞标题 CVE-2021-32789: WooCommerce Blocks 2.5 to 5.5 - Unauthenticated SQL Injection 漏洞描述 woocommerce-gutenberg-products-block is a feature plugin for WooCommerce Gutenberg B...

漏洞标题 Atlassian Confluence CVE-2023-22527 远程命令执行漏洞 漏洞描述 Atlassian Confluence存在远程命令执行漏洞，此漏洞是对用户的数据缺乏校验导致的。 PoC代码 暂无

漏洞标题 CVE-2021-24169: WordPress Advanced Order Export For WooCommerce <3.1.8 - Authenticated Cross-Site Scripting 漏洞描述 WordPress Advanced Order Export For WooCommerce plu...

漏洞标题 CVE-2018-17082: Apache2 - Transfer-Encoding Chunked XSS 漏洞描述 Apache2 PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 contain a ref...

漏洞标题 CVE-2024-29972: Zyxel NAS326 Firmware < V5.21(AAZF.17)C0 - NsaRescueAngel Backdoor Account 漏洞描述 The command injection vulnerability in the CGI program "remote_...

漏洞标题 Apache Tomcat SSI printenv CVE-2019-0221 跨站脚本漏洞 漏洞描述 Apache Tomcat SSI printenv command存在跨站脚本漏洞，此漏洞是由于应用程序对用户输入没有进行充分校验导致的。 P...

漏洞标题 CVE-2024-30194: Sunshine Photo Cart <= 3.1.1 - Reflected Cross-Site Scripting 漏洞描述 WP Sunshine Sunshine Photo Cart versions up to 3.1.1 contain a cross-site scripti...

漏洞标题 CVE-2018-11138: Quest KACE System Management Appliance 8.0.318 - Remote Code Execution 漏洞描述 The '/common/download_agent_installer.php' script in the Quest KA...

漏洞标题 CVE-2025-22457: Ivanti Connect Secure - Stack-based Buffer Overflow 漏洞描述 Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, a...

漏洞标题 CVE-2023-2023: Custom 404 Pro < 3.7.3 - Cross-Site Scripting 漏洞描述 Custom 404 Pro before 3.7.3 is susceptible to cross-site scripting via the search parameter due to...