漏洞标题 CVE-2022-27593: QNAP QTS Photo Station External Reference - Local File Inclusion 漏洞描述 QNAP QTS Photo Station External Reference is vulnerable to local file inclusion v...

漏洞标题 CVE-2021-31602: Hitachi Vantara Pentaho/Business Intelligence Server - Authentication Bypass 漏洞描述 Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence...

漏洞标题 CVE-2024-11320: Pandora v7.0NG.777.3 - Remote Code Execution 漏洞描述 Arbitrary commands execution on the server by exploiting a command injection vulnerability in the LDA...

漏洞标题 CVE-2017-18487: AdPush < 1.44 - Cross-Site Scripting 漏洞描述 The adsense-plugin (aka Google AdSense) plugin before 1.44 for WordPress has multiple XSS issues. PoC代码

漏洞标题 CVE-2017-17731: DedeCMS 5.7 - SQL Injection 漏洞描述 DedeCMS through 5.7 has SQL Injection via the $_FILES superglobal to plus/recommend.php. PoC代码

漏洞标题 CVE-2019-15713: WordPress My Calendar <= 3.1.9 - Cross-Site Scripting 漏洞描述 WordPress plugin My Calendar <= 3.1.9 is susceptible to reflected cross-site scripting...

漏洞标题 CVE-2023-5074: D-Link D-View 8 v2.0.1.28 - Authentication Bypass 漏洞描述 Use of a static key to protect a JWT token used in user authentication can allow an for an authen...

漏洞标题 CVE-2021-24364: WordPress Jannah Theme <5.4.4 - Cross-Site Scripting 漏洞描述 WordPress Jannah theme before 5.4.4 contains a reflected cross-site scripting vulnerabilit...

漏洞标题 CVE-2020-24391: Mongo-Express - Remote Code Execution 漏洞描述 Mongo-Express before 1.0.0 is susceptible to remote code execution because it uses safer-eval to validate us...

漏洞标题 CVE-2018-14912: cgit < 1.2.1 - Directory Traversal 漏洞描述 cGit < 1.2.1 via cgit_clone_objects has a directory traversal vulnerability when `enable-http-clone=1` is...

漏洞标题 CVE-2022-1574: WordPress HTML2WP <=1.0.0 - Arbitrary File Upload 漏洞描述 WordPress HTML2WP plugin through 1.0.0 contains an arbitrary file upload vulnerability. The pl...

漏洞标题 CVE-2023-1177: MLflow get-artifact 任意文件读取漏洞 漏洞描述 使用 MLflow 模型注册表托管 MLflow 开源项目的用户 mlflow server或者 mlflow ui使用早于 MLflow 2.2.1 的 MLflow 版...

漏洞标题 CVE-2021-41266: MinIO Operator Console Authentication Bypass 漏洞描述 MinIO Console is a graphical user interface for the for MinIO Operator. MinIO itself is a multi-cloud...

漏洞标题 CVE-2023-30150: PrestaShop leocustomajax 1.0 & 1.0.0 - SQL Injection 漏洞描述 PrestaShop leocustomajax 1.0 and 1.0.0 are vulnerable to SQL Injection via modules/leocus...

漏洞标题 CVE-2024-4434: LearnPress WordPress LMS Plugin <= 4.2.6.5 - SQL Injection 漏洞描述 The LearnPress WordPress LMS Plugin plugin for WordPress is vulnerable to time-based ...

漏洞标题 CVE-2018-17422: DotCMS < 5.0.2 - Open Redirect 漏洞描述 dotCMS before 5.0.2 contains multiple open redirect vulnerabilities via the html/common/forward_js.jsp FORWARD_U...