最新发布第970页
Apache OFBiz CVE-2018-8033 XML外部实体注入漏洞
漏洞标题 Apache OFBiz CVE-2018-8033 XML外部实体注入漏洞 漏洞描述 Apache OFBiz存在XML外部实体注入漏洞,此漏洞是由于httpService接口对用户的请求验证不当导致的。 PoC代码 暂无
Apache OFBiz CVE-2024-38856 未授权代码执行漏洞
漏洞标题 Apache OFBiz CVE-2024-38856 未授权代码执行漏洞 漏洞描述 Apache OFBiz存在未授权代码执行漏洞,该漏洞是由于ProgramExport接口对用户的权限校验不当导致的。 PoC代码 暂无
CVE-2024-34470: HSC Mailinspector 5.2.17-3 through 5.2.18 – Local File Inclusion
漏洞标题 CVE-2024-34470: HSC Mailinspector 5.2.17-3 through 5.2.18 - Local File Inclusion 漏洞描述 An Unauthenticated Path Traversal vulnerability exists in the /public/loaderphp f...
CVE-2019-3398: Atlassian Confluence Download Attachments – Remote Code Execution
漏洞标题 CVE-2019-3398: Atlassian Confluence Download Attachments - Remote Code Execution 漏洞描述 Confluence Server and Data Center had a path traversal vulnerability in the downl...
CVE-2022-21587: Oracle E-Business Suite 12.2.3 -12.2.11 – Remote Code Execution
漏洞标题 CVE-2022-21587: Oracle E-Business Suite 12.2.3 -12.2.11 - Remote Code Execution 漏洞描述 Oracle E-Business Suite 12.2.3 through 12.2.11 is susceptible to remote code execu...
CVE-2019-3398: Atlassian Confluence Download Attachments – Remote Code Execution
漏洞标题 CVE-2019-3398: Atlassian Confluence Download Attachments - Remote Code Execution 漏洞描述 Confluence Server and Data Center had a path traversal vulnerability in the downl...
CVE-2022-43014: OpenCATS 0.9.6 – Cross-Site Scripting
漏洞标题 CVE-2022-43014: OpenCATS 0.9.6 - Cross-Site Scripting 漏洞描述 OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the joborderID parameter. An attacker can i...
CVE-2020-5191: PHPGurukul Hospital Management System – Cross-Site Scripting
漏洞标题 CVE-2020-5191: PHPGurukul Hospital Management System - Cross-Site Scripting 漏洞描述 PHPGurukul Hospital Management System in PHP 4.0 contains multiple cross-site scriptin...
CVE-2023-40752: PHPJabbers Make an Offer Widget v1.0 – Cross-Site Scripting
漏洞标题 CVE-2023-40752: PHPJabbers Make an Offer Widget v1.0 - Cross-Site Scripting 漏洞描述 There is a Cross Site Scripting (XSS) vulnerability in the "action" paramete...
CVE-2024-0305: Ncast busiFacade – Remote Command Execution
漏洞标题 CVE-2024-0305: Ncast busiFacade - Remote Command Execution 漏洞描述 The Ncast Yingshi high-definition intelligent recording and playback system is a newly developed audio ...
CVE-2023-1177: MLflow get-artifact 任意文件读取漏洞
漏洞标题 CVE-2023-1177: MLflow get-artifact 任意文件读取漏洞 漏洞描述 使用 MLflow 模型注册表托管 MLflow 开源项目的用户 mlflow server或者 mlflow ui使用早于 MLflow 2.2.1 的 MLflow 版...
CVE-2023-1546: MyCryptoCheckout < 2.124 - Cross-Site Scripting
漏洞标题 CVE-2023-1546: MyCryptoCheckout < 2.124 - Cross-Site Scripting 漏洞描述 The MyCryptoCheckout WordPress plugin before 2.124 does not escape some URLs before outputting t...
CVE-2017-7855: IceWarp WebMail 11.3.1.5 – Cross-Site Scripting
漏洞标题 CVE-2017-7855: IceWarp WebMail 11.3.1.5 - Cross-Site Scripting 漏洞描述 IceWarp WebMail 11.3.1.5 is vulnerable to cross-site scripting via the language parameter. PoC代码
(CVE-2025-10210) ChanCMS Search功能SQL注入漏洞
漏洞标题 (CVE-2025-10210) ChanCMS Search功能SQL注入漏洞 漏洞描述 (CVE-2025-10210) ChanCMS Search功能SQL注入漏洞 PoC代码 暂无
CVE-2020-29597: IncomCMS 2.0 – Arbitrary File Upload
漏洞标题 CVE-2020-29597: IncomCMS 2.0 - Arbitrary File Upload 漏洞描述 IncomCMS 2.0 has a an insecure file upload vulnerability in modules/uploader/showcase/script.php. This allows...
CVE-2020-35749: WordPress Simple Job Board <2.9.4 - Local File Inclusion
漏洞标题 CVE-2020-35749: WordPress Simple Job Board <2.9.4 - Local File Inclusion 漏洞描述 WordPress Simple Job Board prior to version 2.9.4 is vulnerable to arbitrary file retr...





