漏洞标题 Apache OFBiz webtools/control/ProgramExport 远程代码执行漏洞（CVE-2023-51467） 漏洞描述 Apache OFBiz 在 webtools/control/ProgramExport存在代码执行漏洞，攻击者可通过该漏洞...

漏洞标题 CVE-2020-9036: Jeedom <=4.0.38 - Cross-Site Scripting 漏洞描述 Jeedom through 4.0.38 contains a cross-site scripting vulnerability. An attacker can execute arbitrary sc...

漏洞标题 CVE-2022-1020: WordPress WooCommerce <3.1.2 - Arbitrary Function Call 漏洞描述 WordPress WooCommerce plugin before 3.1.2 does not have authorisation and CSRF checks in ...

漏洞标题 Atlassian Confluence 远程代码执行漏洞(CVE-2021-26084) 漏洞描述 Atlassian 官方发布了Confluence Server Webwork OGNL注入漏洞（CVE-2021-26084）的安全公告，远程攻击者在经过身份...

漏洞标题 CVE-2020-7247: OpenSMTPD 6.4.0-6.6.1 - Remote Code Execution 漏洞描述 OpenSMTPD versions 6.4.0 - 6.6.1 are susceptible to remote code execution. smtp_mailaddr in smtp_sess...

漏洞标题 CVE-2013-7240: WordPress Plugin Advanced Dewplayer 1.2 - Directory Traversal 漏洞描述 A directory traversal vulnerability in download-file.php in the Advanced Dewplayer pl...

漏洞标题 CVE-2021-24862: WordPress RegistrationMagic <5.0.1.6 - Authenticated SQL Injection 漏洞描述 WordPress RegistrationMagic plugin before 5.0.1.6 contains an authenticated ...

漏洞标题 CVE-2016-3978: Fortinet FortiOS - Open Redirect/Cross-Site Scripting 漏洞描述 FortiOS Web User Interface in 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0...

漏洞标题 CVE-2019-14312: Aptana Jaxer 1.0.3.4547 - Local File inclusion 漏洞描述 Aptana Jaxer 1.0.3.4547 is vulnerable to local file inclusion in the wikilite source code viewer. A...

漏洞标题 CVE-2021-27748: IBM WebSphere HCL Digital Experience - Server-Side Request Forgery 漏洞描述 IBM WebSphere HCL Digital Experience is vulnerable to server-side request forge...

漏洞标题 CVE-2023-1546: MyCryptoCheckout < 2.124 - Cross-Site Scripting 漏洞描述 The MyCryptoCheckout WordPress plugin before 2.124 does not escape some URLs before outputting t...

漏洞标题 ConnectWise ScreenConnect CVE-2024-1709身份验证绕过漏洞 漏洞描述 ConnectWise ScreenConnect存在身份验证绕过漏洞，此漏洞是由于对url验证不充分导致的，特殊的url可绕过验证并访...

漏洞标题 CVE-2019-0230: Apache Struts <=2.5.20 - Remote Code Execution S2-059 漏洞描述 Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation when evaluated on raw user inp...

漏洞标题 CVE-2019-17662: ThinVNC 1.0b1 - Authentication Bypass 漏洞描述 ThinVNC 1.0b1 is vulnerable to arbitrary file read, which leads to a compromise of the VNC server. The vulne...

漏洞标题 CVE-2022-4059: Cryptocurrency Widgets Pack < 2.0 - SQL Injection 漏洞描述 The plugin does not sanitise and escape some parameter before using it in a SQL statement via ...

漏洞标题 Apache Druid 任意文件读取(CVE-2021-36749) 漏洞描述 在 Druid 摄取系统中，InputSource 用于从某个数据源读取数据。HTTP InputSource 允许经过身份验证的用户以 Druid服务器进程的权...