漏洞标题 CVE-2022-1390: WordPress Admin Word Count Column 2.2 - Local File Inclusion 漏洞描述 The plugin does not validate the path parameter given to readfile(), which could allow...

漏洞标题 Apache Struts2(S2-001)远程代码执行漏洞(CVE-2007-4556) 漏洞描述 在Struts2 WebWork 2.1+ 和 Struts 2 的“altSyntax”功能允许将 OGNL表达式插入到文本字符串中并进行递归处理。这...

漏洞标题 CVE-2019-10405: Jenkins <=2.196 - Cookie Exposure 漏洞描述 Jenkins through 2.196, LTS 2.176.3 and earlier prints the value of the cookie on the /whoAmI/ URL despite it ...

漏洞标题 CVE-2022-34267: RWS WorldServer - Authentication Bypass 漏洞描述 An issue was discovered in RWS WorldServer before 11.7.3. Adding a token parameter with the value of 02 by...

漏洞标题 CVE-2023-3848: MooDating 1.2 - Cross-site scripting 漏洞描述 A vulnerability, which was classified as problematic, has been found in mooSocial mooDating 1.2. This issue af...

漏洞标题 CVE-2024-41628: Cluster Control CMON API - Directory Traversal 漏洞描述 Directory Traversal vulnerability in Severalnines Cluster Control 1.9.8 before 1.9.8-9778, 2.0.0 be...

漏洞标题 CVE-2021-3223: Node RED Dashboard - Directory Traversal 漏洞描述 Node-RED-Dashboard before 2.26.2 allows ui_base/js/..%2f directory traversal to read files. PoC代码

漏洞标题 CVE-2010-4239: Tiki Wiki CMS Groupware 5.2 - Local File Inclusion 漏洞描述 Tiki Wiki CMS Groupware 5.2 is susceptible to a local file inclusion vulnerability. PoC代码

漏洞标题 CVE-2022-2379: WordPress Easy Student Results <=2.2.8 - Improper Authorization 漏洞描述 WordPress Easy Student Results plugin through 2.2.8 is susceptible to informatio...

漏洞标题 CVE-2021-24291: WordPress Photo Gallery by 10Web <1.5.69 - Cross-Site Scripting 漏洞描述 WordPress Photo Gallery by 10Web plugin before 1.5.69 contains multiple reflect...

漏洞标题 CVE-2023-2813: Wordpress Multiple Themes - Reflected Cross-Site Scripting 漏洞描述 All of the above Aapna WordPress theme through 1.3, Anand WordPress theme through 1.2, A...

漏洞标题 CVE-2021-25104: WordPress Ocean Extra <1.9.5 - Cross-Site Scripting 漏洞描述 WordPress Ocean Extra plugin before 1.9.5 contains a cross-site scripting vulnerability. Th...

漏洞标题 CVE-2020-23015: OPNsense <=20.1.5 - Open Redirect 漏洞描述 OPNsense through 20.1.5 contains an open redirect vulnerability via the url redirect parameter in the login p...

漏洞标题 CVE-2012-1835: WordPress Plugin All-in-One Event Calendar 1.4 - Cross-Site Scripting 漏洞描述 Multiple cross-site scripting vulnerabilities in the All-in-One Event Calenda...

漏洞标题 CVE-2021-24849: WCFM WooCommerce Multivendor Marketplace < 3.4.12 - SQL Injection 漏洞描述 The wcfm_ajax_controller AJAX action of the WCFM Marketplace WordPress plugin...

漏洞标题 CVE-2018-1000861: Jenkins - Remote Command Injection 漏洞描述 Jenkins 2.153 and earlier and LTS 2.138.3 and earlier are susceptible to a remote command injection via stapl...