漏洞标题 CVE-2016-10033: WordPress PHPMailer < 5.2.18 - Remote Code Execution 漏洞描述 WordPress PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to...

漏洞标题 CVE-2020-36731: Flexible Checkout Fields for WooCommerce <= 2.3.1 - Unauthenticated Arbitrary Plugin Settings Update 漏洞描述 The Flexible Checkout Fields for WooCommer...

漏洞标题 CVE-2023-2986: Abandoned Cart Lite for WooCommerce - Authentication Bypass 漏洞描述 The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentic...

漏洞标题 CVE-2022-1937: WordPress Awin Data Feed <=1.6 - Cross-Site Scripting 漏洞描述 WordPress Awin Data Feed plugin 1.6 and prior contains a cross-site scripting vulnerabilit...

漏洞标题 CVE-2022-29007: Dairy Farm Shop Management System 1.0 - SQL Injection 漏洞描述 Dairy Farm Shop Management System 1.0 contains multiple SQL injection vulnerabilities via th...

漏洞标题 CVE-2010-1474: Joomla! Component Sweetykeeper 1.5 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the Sweety Keeper (com_sweetykeeper) component 1.5...

越权测试小技巧：利用对象注入(Object Injection) POST /email Host: localhost Content-Type: application/json {'email':'guest@example.com'} ------------------- POST /email Host: localh...

漏洞标题 CVE-2010-1977: Joomla! Component J!WHMCS Integrator 1.5.0 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the J!WHMCS Integrator (com_jwhmcs) compon...

漏洞标题 CVE-2023-23488: WordPress Paid Memberships Pro <2.9.8 - Blind SQL Injection 漏洞描述 WordPress Paid Memberships Pro plugin before 2.9.8 contains a blind SQL injection v...

漏洞标题 CVE-2023-2986: Abandoned Cart Lite for WooCommerce - Authentication Bypass 漏洞描述 The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentic...

漏洞标题 CVE-2024-5947: Deep Sea Electronics DSE855 - Authentication Bypass 漏洞描述 Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure ...

漏洞标题 CVE-2022-0434: WordPress Page Views Count <2.4.15 - SQL Injection 漏洞描述 WordPress Page Views Count plugin prior to 2.4.15 contains an unauthenticated SQL injection v...

漏洞标题 CVE-2019-9041: ZZZCMS 1.6.1 - Remote Code Execution 漏洞描述 ZZZCMS zzzphp V1.6.1 is vulnerable to remote code execution via the inc/zzz_template.php file because the pars...

漏洞标题 Apache RocketMQ CVE-2023-33246 远程代码执行漏洞 漏洞描述 Apache RocketMQ存在远程代码执行漏洞，此漏洞是由于对权限和用户输入校验不当导致的。 PoC代码 暂无

漏洞标题 CVE-2021-35395: RealTek Jungle SDK - Arbitrary Command Injection 漏洞描述 There is a command injection vulnerability on the "formWsc" page of the management inte...

漏洞标题 CVE-2023-0099: Simple URLs < 115 - Cross Site Scripting 漏洞描述 The plugin does not sanitise and escape some parameters before outputting them back in some pages, lead...