漏洞标题 CVE-2021-3377: npm ansi_up v4 - Cross-Site Scripting 漏洞描述 npm package ansi_up v4 is vulnerable to cross-site scripting because ANSI escape codes can be used to create ...

漏洞标题 CVE-2021-41381: Payara Micro Community 5.2021.6 Directory Traversal 漏洞描述 Payara Micro Community 5.2021.6 and below contains a directory traversal vulnerability. PoC代...

漏洞标题 CVE-2021-25065: Smash Balloon Social Post Feed < 4.1.1 - Authenticated Reflected Cross-Site Scripting 漏洞描述 The plugin was affected by a reflected XSS in custom-face...

漏洞标题 CVE-2021-24212: WooCommerce Help Scout - Arbitrary File Upload 漏洞描述 WooCommerce Help Scout plugin before version 2.9.1 contains an unrestricted file upload vulnerabili...

漏洞标题 CVE-2021-25008: The Code Snippets WordPress Plugin < 2.14.3 - Cross-Site Scripting 漏洞描述 The Wordpress plugin Code Snippets before 2.14.3 does not escape the snippet...

漏洞标题 CVE-2021-24291: WordPress Photo Gallery by 10Web <1.5.69 - Cross-Site Scripting 漏洞描述 WordPress Photo Gallery by 10Web plugin before 1.5.69 contains multiple reflect...

漏洞标题 CVE-2021-24862: WordPress RegistrationMagic <5.0.1.6 - Authenticated SQL Injection 漏洞描述 WordPress RegistrationMagic plugin before 5.0.1.6 contains an authenticated ...

漏洞标题 CVE-2021-34643: WordPress Skaut Bazar <1.3.3 - Cross-Site Scripting 漏洞描述 WordPress Skaut Bazar plugin before 1.3.3 contains a reflected cross-site scripting vulnera...

漏洞标题 CVE-2021-33851: WordPress Customize Login Image <3.5.3 - Cross-Site Scripting 漏洞描述 WordPress Customize Login Image plugin prior to 3.5.3 contains a cross-site scrip...

漏洞标题 CVE-2021-37304: Jeecg Boot <= 2.4.5 - Information Disclosure 漏洞描述 An Insecure Permissions issue in jeecg-boot 2.4.5 allows unauthenticated remote attackers to gain ...

漏洞标题 CVE-2021-42887: TOTOLINK EX1200T 4.1.2cu.5215 - Authentication Bypass 漏洞描述 TOTOLINK EX1200T 4.1.2cu.5215 is susceptible to authentication bypass. An attacker can bypas...

漏洞标题 CVE-2021-29505: XStream <1.4.17 - Remote Code Execution 漏洞描述 XStream before 1.4.17 is susceptible to remote code execution. An attacker can execute commands of the ...

漏洞标题 Apache mod_proxy SSRF（CVE-2021-40438） 漏洞描述 Apache提供了mod_proxy模块用于提供代理服务，能够支持的包括正向代理、反向代理、透明代理、缓存、负载均衡，HTTP代理、FTP代理、...

漏洞标题 CVE-2021-23394: elFinder < 2.1.58 - Remote Code Execution 漏洞描述 studio-42/elfinder before 2.1.58 contains a remote code execution caused by execution of PHP code in ...

漏洞标题 CVE-2021-24155: WordPress BackupGuard <1.6.0 - Authenticated Arbitrary File Upload 漏洞描述 WordPress Backup Guard plugin before 1.6.0 is susceptible to authenticated a...

漏洞标题 CVE-2021-24370: WordPress Fancy Product Designer <4.6.9 - Arbitrary File Upload 漏洞描述 WordPress Fancy Product Designer plugin before 4.6.9 is susceptible to an arbit...