最新发布第916页
CVE-2018-2894: Oracle WebLogic Server – Remote Code Execution
漏洞标题 CVE-2018-2894: Oracle WebLogic Server - Remote Code Execution 漏洞描述 The Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services) ...
CVE-2021-21985: VMware vSphere Client (HTML5) – Remote Code Execution
漏洞标题 CVE-2021-21985: VMware vSphere Client (HTML5) - Remote Code Execution 漏洞描述 The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of inp...
CVE-2023-24489: Citrix ShareFile StorageZones Controller – Unauthenticated Remote Code Execution
漏洞标题 CVE-2023-24489: Citrix ShareFile StorageZones Controller - Unauthenticated Remote Code Execution 漏洞描述 A vulnerability has been discovered in the customer-managed Share...
Apache OFBiz CVE-2024-32113 目录遍历漏洞
漏洞标题 Apache OFBiz CVE-2024-32113 目录遍历漏洞 漏洞描述 Apache OFBiz 存在目录遍历漏洞,此漏洞是由于未充分验证用户输入的url所导致的。 PoC代码 暂无
CVE-2022-1713: Drawio <18.0.4 - Server-Side Request Forgery
漏洞标题 CVE-2022-1713: Drawio <18.0.4 - Server-Side Request Forgery 漏洞描述 Drawio prior to 18.0.4 is vulnerable to server-side request forgery. An attacker can make a request...
CVE-2011-5265: Featurific For WordPress 1.6.2 – Cross-Site Scripting
漏洞标题 CVE-2011-5265: Featurific For WordPress 1.6.2 - Cross-Site Scripting 漏洞描述 A cross-site scripting vulnerability in cached_image.php in the Featurific For WordPress plug...
CVE-2023-22463: KubePi JwtSigKey – Admin Authentication Bypass
漏洞标题 CVE-2023-22463: KubePi JwtSigKey - Admin Authentication Bypass 漏洞描述 KubePi is a k8s panel. The jwt authentication function of KubePi through version 1.6.2 uses hard-co...
CData Sync CVE-2024-31851 路径遍历漏洞
漏洞标题 CData Sync CVE-2024-31851 路径遍历漏洞 漏洞描述 CData sync存在路径遍历漏洞,此漏洞是由于/ui/接口对用户的请求验证不当造成的。 PoC代码 暂无
Confluence viewdefaultdecorator.action-任意文件读取(CVE-2015-8399)
漏洞标题 Confluence viewdefaultdecorator.action-任意文件读取(CVE-2015-8399) 漏洞描述 【漏洞对象】Atlassian Confluence 【涉及版本】<5.8.17 【漏洞描述】该漏洞源于spaces/viewdefaul...
CVE-2023-25717: Ruckus Wireless Admin – Remote Code Execution
漏洞标题 CVE-2023-25717: Ruckus Wireless Admin - Remote Code Execution 漏洞描述 Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Requ...
CVE-2018-5715: SugarCRM 3.5.1 – Cross-Site Scripting
漏洞标题 CVE-2018-5715: SugarCRM 3.5.1 - Cross-Site Scripting 漏洞描述 SugarCRM 3.5.1 is vulnerable to cross-site scripting via phprint.php and a parameter name in the query string...
CVE-2021-39152: XStream <1.4.18 - Server-Side Request Forgery
漏洞标题 CVE-2021-39152: XStream <1.4.18 - Server-Side Request Forgery 漏洞描述 XStream before 1.4.18 is susceptible to server-side request forgery. An attacker can request data...
CVE-2021-26085: Atlassian Confluence Server – Local File Inclusion
漏洞标题 CVE-2021-26085: Atlassian Confluence Server - Local File Inclusion 漏洞描述 Atlassian Confluence Server allows remote attackers to view restricted resources via local file...
CVE-2023-6977: Mlflow <2.8.0 - Local File Inclusion
漏洞标题 CVE-2023-6977: Mlflow <2.8.0 - Local File Inclusion 漏洞描述 Mlflow before 2.8.0 is susceptible to local file inclusion due to path traversal in GitHub repository mlflo...
CVE-2023-5914: Citrix StoreFront – Cross-Site Scripting
漏洞标题 CVE-2023-5914: Citrix StoreFront - Cross-Site Scripting 漏洞描述 Reflected Cross-Site Scripting issue which is exploitable without authentication. This vulnerability was e...
CVE-2023-3380: WAVLINK WN579X3 – Remote Command Execution
漏洞标题 CVE-2023-3380: WAVLINK WN579X3 - Remote Command Execution 漏洞描述 Remote Command Execution vulnerability in WAVLINK WN579X3 routers via pingIp parameter in /cgi-bin/adm.c...





