最新发布第890页
CVE-2020-10257: ThemeREX Addons – Remote Code Execution
漏洞标题 CVE-2020-10257: ThemeREX Addons - Remote Code Execution 漏洞描述 ThemeREX Addons plugin before 2020-03-09 for WordPress contains an access control vulnerability in the /tr...
CVE-2020-1943: Apache OFBiz <=16.11.07 - Cross-Site Scripting
漏洞标题 CVE-2020-1943: Apache OFBiz <=16.11.07 - Cross-Site Scripting 漏洞描述 Apache OFBiz 16.11.01 to 16.11.07 is vulnerable to cross-site scripting because data sent with co...
Apache Struts2(S2-062)远程代码执行漏洞(CVE-2021-31805)
漏洞标题 Apache Struts2(S2-062)远程代码执行漏洞(CVE-2021-31805) 漏洞描述 Apache Struts2框架是一个用于开发Java EE网络应用程序的Web框架。Apache Struts< 2.5.30存在OGNL表达式注入漏...
Apache OFBiz webtools/control/ProgramExport 远程代码执行漏洞(CVE-2023-51467)
漏洞标题 Apache OFBiz webtools/control/ProgramExport 远程代码执行漏洞(CVE-2023-51467) 漏洞描述 Apache OFBiz 在 webtools/control/ProgramExport存在代码执行漏洞,攻击者可通过该漏洞...
CVE-2023-38035: Ivanti Sentry – Authentication Bypass
漏洞标题 CVE-2023-38035: Ivanti Sentry - Authentication Bypass 漏洞描述 A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which m...
CVE-2024-29269: Telesquare TLR-2005KSH – Remote Command Execution
漏洞标题 CVE-2024-29269: Telesquare TLR-2005KSH - Remote Command Execution 漏洞描述 Telesquare Tlr-2005Ksh is a Sk Telecom Lte router from South Korea's Telesquare company.Tel...
Atlassian Confluence CVE-2023-22527 远程命令执行漏洞
漏洞标题 Atlassian Confluence CVE-2023-22527 远程命令执行漏洞 漏洞描述 Atlassian Confluence存在远程命令执行漏洞,此漏洞是对用户的数据缺乏校验导致的。 PoC代码 暂无
CraftCms 代码注入漏洞(CVE-2025-32432)
漏洞标题 CraftCms 代码注入漏洞(CVE-2025-32432) 漏洞描述 攻击者可构造恶意请求利用generate-transform端点触发反序列化,执行任意代码控制服务器,未经身份验证的攻击者可以通过该漏洞在目标...
Atlassian Confluence OGNL注入漏洞(CVE-2022-26134)
漏洞标题 Atlassian Confluence OGNL注入漏洞(CVE-2022-26134) 漏洞描述 Atlassian Confluence OGNL注入漏洞(CVE-2022-26134) PoC代码 暂无
CVE-2021-32305: Websvn <2.6.1 - Remote Code Execution
漏洞标题 CVE-2021-32305: Websvn <2.6.1 - Remote Code Execution 漏洞描述 WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the...
CVE-2024-25669: CaseAware a360inc – Cross-Site Scripting
漏洞标题 CVE-2024-25669: CaseAware a360inc - Cross-Site Scripting 漏洞描述 a360inc CaseAware contains a reflected cross-site scripting vulnerability via the user parameter transmit...
CVE-2023-40752: PHPJabbers Make an Offer Widget v1.0 – Cross-Site Scripting
漏洞标题 CVE-2023-40752: PHPJabbers Make an Offer Widget v1.0 - Cross-Site Scripting 漏洞描述 There is a Cross Site Scripting (XSS) vulnerability in the "action" paramete...
CVE-2025-2711: Yonyou UFIDA ERP-NC V5.0 – Cross-Site Scripting
漏洞标题 CVE-2025-2711: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting 漏洞描述 Yonyou UFIDA ERP-NC V5.0 is vulnerable to reflected cross-site scripting (XSS) via the langcode par...
Atlassian Confluence OGNL注入漏洞(CVE-2022-26134)
漏洞标题 Atlassian Confluence OGNL注入漏洞(CVE-2022-26134) 漏洞描述 Atlassian Confluence OGNL注入漏洞(CVE-2022-26134) PoC代码 暂无
CVE-2024-4841: LoLLMS WebUI – Subfolder Prediction via Path Traversal
漏洞标题 CVE-2024-4841: LoLLMS WebUI - Subfolder Prediction via Path Traversal 漏洞描述 A Path Traversal vulnerability exists in the parisneo/lollms-webui, specifically within the ...
CVE-2024-3848: Mlflow < 2.11.0 - Path Traversal
漏洞标题 CVE-2024-3848: Mlflow < 2.11.0 - Path Traversal 漏洞描述 A path traversal vulnerability exists in mlflow/mlflow version 2.11.0, identified as a bypass for the previousl...





