漏洞标题 CrushFTP /WebInterface/function/ 权限绕过漏洞（CVE-2025-31161） 漏洞描述 CrushFTP 是一种流行的文件传输服务器软件，版本 10.0.0 至 10.8.3 和 11.0.0 至 11.3.0 存在身份验证绕...

漏洞标题 CVE-2025-27218: Sitecore Experience Manager (XM)/Experience Platform (XP) 10.4 - Insecure Deserialization 漏洞描述 Sitecore Experience Manager (XM) and Experience Platform...

漏洞标题 CVE-2018-2893: Oracle WebLogic Server - Remote Code Execution 漏洞描述 The Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services) versio...

漏洞标题 CVE-2021-21985: VMware vSphere Client (HTML5) - Remote Code Execution 漏洞描述 The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of inp...

漏洞标题 CVE-2022-1910: WordPress Shortcodes and Extra Features for Phlox <2.9.8 - Cross-Site Scripting 漏洞描述 WordPress Shortcodes and extra features plugin for the Phlox the...

漏洞标题 CVE-2021-24499: WordPress Workreap - Remote Code Execution 漏洞描述 WordPress Workreap theme is susceptible to remote code execution. The AJAX actions workreap_award_temp_...

漏洞标题 CVE-2020-11798: Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal 漏洞描述 A Directory Traversal vulnerability in the web conference component of Mitel MiCollab A...

漏洞标题 CVE-2020-14883: Oracle Fusion Middleware WebLogic Server Administration Console - Remote Code Execution 漏洞描述 The Oracle Fusion Middleware WebLogic Server admin console...

漏洞标题 CVE-2019-17228: Motors Car Dealer & Classified Ads <= 1.4.0 - Unauthenticated settings import/export 漏洞描述 includes/options.php in the motors-car-dealership-clas...

漏洞标题 CVE-2023-6831: mlflow - Path Traversal 漏洞描述 Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. PoC代码

漏洞标题 CVE-2022-0760: WordPress Simple Link Directory <7.7.2 - SQL injection 漏洞描述 WordPress Simple Link Directory plugin before 7.7.2 contains a SQL injection vulnerabilit...

漏洞标题 CVE-2021-3223: Node RED Dashboard - Directory Traversal 漏洞描述 Node-RED-Dashboard before 2.26.2 allows ui_base/js/..%2f directory traversal to read files. PoC代码

漏洞标题 CVE-2021-45428: Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Upload 漏洞描述 TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabl...

漏洞标题 CVE-2025-2711: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting 漏洞描述 Yonyou UFIDA ERP-NC V5.0 is vulnerable to reflected cross-site scripting (XSS) via the langcode par...

漏洞标题 CVE-2023-6000: WordPress Popup Builder <= 4.2.3 - Unauthenticated Stored XSS 漏洞描述 The Popup Builder WordPress plugin before 4.2.3 does not prevent simple visitors f...

漏洞标题 CVE-2020-26217: XStream <1.4.14 - Remote Code Execution 漏洞描述 XStream before 1.4.14 is susceptible to remote code execution. An attacker can run arbitrary shell comm...