漏洞标题 CVE-2024-30269: DataEase <= 2.4.1 - Sensitive Information Exposure 漏洞描述 DataEase, an open source data visualization and analysis tool, has a database configuration ...

漏洞标题 CVE-2024-1210: LearnDash LMS < 4.10.2 - Sensitive Information Exposure 漏洞描述 The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure i...

漏洞标题 CVE-2024-24565: CrateDB数据库任意文件读取漏洞 漏洞描述 CrateDB is a distributed SQL database that makes it simple to store and analyze massive amounts of data in real-time...

漏洞标题 CVE-2024-21645: pyload - Log Injection 漏洞描述 A log injection vulnerability was identified in pyload. This vulnerability allows any unauthenticated actor to inject arbit...

漏洞标题 CVE-2024-48360: Qualitor <= v8.24 - Server-Side Request Forgery 漏洞描述 Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component...

漏洞标题 CVE-2024-28623: RiteCMS 3.0.0 - Cross-site Scripting 漏洞描述 RiteCMS v3.0.0 contains a reflected XSS caused by unsanitized input in the main_menu/edit_section component, ...

漏洞标题 CVE-2024-22927: eyoucms v.1.6.5 - Cross-Site Scripting 漏洞描述 Cross Site Scripting (XSS) vulnerability in the func parameter in eyoucms v.1.6.5 allows a remote attacker ...

漏洞标题 CVE-2024-39646: WordPress Custom 404 Pro <= 3.11.1 - Reflected XSS 漏洞描述 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripti...

漏洞标题 CVE-2024-34102: Adobe Commerce & Magento - CosmicSting 漏洞描述 Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Res...

漏洞标题 CVE-2024-4399: WordPress CAS Theme <= 1.0.0 - Server-Side Request Forgery 漏洞描述 The CAS WordPress theme through version 1.0.0 is vulnerable to Server-Side Request Fo...

漏洞标题 CVE-2024-1208: LearnDash LMS < 4.10.3 - Sensitive Information Exposure 漏洞描述 The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure i...

漏洞标题 CVE-2024-38653: Ivanti Avalanche SmartDeviceServer - XML External Entity 漏洞描述 XXE in SmartDeviceServer in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attack...

漏洞标题 CVE-2024-0799: Arcserve Unified Data Protection - Authentication Bypass 漏洞描述 An authentication bypass vulnerability exists in Arcserve Unified Data Protection 9.2 and ...

漏洞标题 CVE-2024-24763: JumpServer < 3.10.0 - Open Redirect 漏洞描述 JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to ...

漏洞标题 CVE-2024-13624: WordPress WPMovieLibrary Plugin <= 2.1.4.8 - Cross-Site Scripting 漏洞描述 The WPMovieLibrary WordPress plugin through version 2.1.4.8 contains a reflec...

漏洞标题 CVE-2024-50623: Cleo Synchronization 任意文件读取 漏洞描述 Cleo Synchronization 存在任意文件读取漏洞，攻击者可通过构造恶意请求获取服务器上的任意文件内容。 fofa: server=&qu...