漏洞标题 CVE-2019-7139: Magento - SQL Injection 漏洞描述 An unauthenticated user can execute SQL statements that allow arbitrary read access to the underlying database, which cause...

漏洞标题 CVE-2019-10758: mongo-express Remote Code Execution 漏洞描述 mongo-express before 0.54.0 is vulnerable to remote code execution via endpoints that uses the `toBSON` method...

漏洞标题 CVE-2019-9632: ESAFENET CDG - Arbitrary File Download 漏洞描述 ESAFENET CDG V3 and V5 has an arbitrary file download vulnerability via the fileName parameter in download.j...

漏洞标题 CVE-2019-19825: TOTOLINK/Realtek Routers - CAPTCHA Bypass 漏洞描述 On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via a POST request to t...

漏洞标题 CVE-2019-16278: nostromo 1.9.6 - Remote Code Execution 漏洞描述 nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via directory traversal i...

漏洞标题 CVE-2019-19822: TOTOLINK/Realtek Routers - Information Disclosure 漏洞描述 A certain router administration interface using Realtek APMIB (e.g., on TOTOLINK models) allows ...

漏洞标题 CVE-2019-12987: Citrix SD-WAN Center - Remote Command Injection 漏洞描述 Citrix SD-WAN Center is susceptible to remote command injection via the apply action in StorageMgm...

漏洞标题 CVE-2019-20141: WordPress Laborator Neon Theme 2.0 - Cross-Site Scripting 漏洞描述 WordPress Laborator Neon theme 2.0 contains a cross-site scripting vulnerability via the...

漏洞标题 CVE-2019-17228: Motors Car Dealer & Classified Ads <= 1.4.0 - Unauthenticated settings import/export 漏洞描述 includes/options.php in the motors-car-dealership-clas...