漏洞标题 CVE-2017-1000353: Jenkins CLI - Java Deserialization 漏洞描述 Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an unauthenticated remo...

漏洞标题 CVE-2024-3495: Wordpress Country State City Dropdown <=2.7.2 - SQL Injection 漏洞描述 The Country State City Dropdown CF7 plugin for WordPress is vulnerable to SQL Inje...

漏洞标题 CVE-2022-0873: WordPress Gmedia Photo Gallery Plugin < 1.20.0 - Cross-Site Scripting 漏洞描述 The Gmedia Photo Gallery WordPress plugin before 1.20.0 does not sanitise ...

漏洞标题 CVE-2022-22947: Spring Cloud Gateway Code Injection 漏洞描述 Applications using Spring Cloud Gateway prior to 3.1.1+ and 3.0.7+ are vulnerable to a code injection attack w...

漏洞标题 CVE-2019-16469: Adobe Experience Manager - Expression Language Injection 漏洞描述 Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 has an expression lang...

漏洞标题 Citrix ShareFile 存在代码注入漏洞(CVE-2023-24489) 漏洞描述 Citrix旗下多款交付控制器和网关存在RCE漏洞，攻击者在无需身份验证的情况下就可执行任意命令。Citrix ShareFile存在代...

漏洞标题 CVE-2021-20792: WordPress Quiz and Survey Master <7.1.14 - Cross-Site Scripting 漏洞描述 WordPress Quiz and Survey Master plugin prior to 7.1.14 contains a cross-site s...

漏洞标题 CVE-2017-11629: FineCMS <=5.0.10 - Cross-Site Scripting 漏洞描述 FineCMS through 5.0.10 contains a cross-site scripting vulnerability in controllers/api.php via the fun...

漏洞标题 CVE-2023-27584: Dragonfly2 < 2.1.0-beta.1 - Hardcoded JWT Secret 漏洞描述 Dragonfly is an open source P2P-based file distribution and image acceleration system. It is h...

在安全小天地平台的火器中看到一个资产，居然是空白页面，空白页面就没有漏洞？？？偏偏不信邪，上手就是干！ http://xxx.target.com 打开页面啥也没有，一片空白 F12看下JS中的API接口，发现有...

漏洞标题 CVE-2010-1981: Joomla! Component Fabrik 2.0 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the Fabrik (com_fabrik) component 2.0 for Joomla! allows...

漏洞标题 CVE-2015-9323: 404 to 301 <= 2.0.2 - Authenticated Blind SQL Injection 漏洞描述 The 404 to 301 – Redirect, Log and Notify 404 Errors WordPress plugin was affected by a...

漏洞标题 CVE-2023-2766: Weaver OA 9.5 - Information Disclosure 漏洞描述 A vulnerability was found in Weaver OA 9.5 and classified as problematic. This issue affects some unknown pr...

漏洞标题 CVE-2023-47211: ManageEngine OpManager - Directory Traversal 漏洞描述 A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 1...

漏洞标题 CVE-2019-5128: YouPHPTube Encoder - Arbitrary File Write 漏洞描述 Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing enc...

漏洞标题 CVE-2022-0786: WordPress KiviCare <2.3.9 - SQL Injection 漏洞描述 WordPress KiviCare plugin before 2.3.9 contains a SQL injection vulnerability. The plugin does not san...