漏洞标题 CVE-2021-25085: WOOF WordPress plugin - Cross-Site Scripting 漏洞描述 The WOOF WordPress plugin does not sanitize or escape the woof_redraw_elements parameter before refle...

漏洞标题 CVE-2021-24291: WordPress Photo Gallery by 10Web <1.5.69 - Cross-Site Scripting 漏洞描述 WordPress Photo Gallery by 10Web plugin before 1.5.69 contains multiple reflect...

漏洞标题 CVE-2021-24364: WordPress Jannah Theme <5.4.4 - Cross-Site Scripting 漏洞描述 WordPress Jannah theme before 5.4.4 contains a reflected cross-site scripting vulnerabilit...

漏洞标题 CVE-2021-36873: WordPress iQ Block Country <=1.2.11 - Cross-Site Scripting 漏洞描述 WordPress iQ Block Country plugin 1.2.11 and prior contains a cross-site scripting v...

漏洞标题 CVE-2021-45046-DAST: Apache Log4j2 - Remote Code Injection 漏洞描述 Apache Log4j2 Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-defau...

漏洞标题 CVE-2021-26084: Confluence Server - Remote Code Execution 漏洞描述 Confluence Server and Data Center contain an OGNL injection vulnerability that could allow an authentica...

漏洞标题 CVE-2021-31602: Hitachi Vantara Pentaho/Business Intelligence Server - Authentication Bypass 漏洞描述 Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence...

漏洞标题 CVE-2021-3374: Rstudio Shiny Server <1.5.16 - Local File Inclusion 漏洞描述 Rstudio Shiny Server prior to 1.5.16 is vulnerable to local file inclusion and source code l...

漏洞标题 CVE-2021-35250: SolarWinds Serv-U 15.3 - Directory Traversal 漏洞描述 SolarWinds Serv-U 15.3 is susceptible to local file inclusion, which may allow an attacker access to ...

漏洞标题 CVE-2021-24746: WordPress Sassy Social Share Plugin <3.3.40 - Cross-Site Scripting 漏洞描述 WordPress plugin Sassy Social Share < 3.3.40 contains a reflected cross-s...

漏洞标题 CVE-2021-24498: WordPress Calendar Event Multi View <1.4.01 - Cross-Site Scripting 漏洞描述 WordPress Calendar Event Multi View plugin before 1.4.01 contains an unauthe...

漏洞标题 CVE-2021-21972: VMware vSphere Client (HTML5) - Remote Code Execution 漏洞描述 VMware vCenter vSphere Client (HTML5) contains a remote code execution vulnerability in a vC...

漏洞标题 CVE-2021-25298: Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection 漏洞描述 Nagios XI 5.5.6 through 5.7.5 is susceptible to authenticated remote command inject...

漏洞标题 CVE-2021-24169: WordPress Advanced Order Export For WooCommerce <3.1.8 - Authenticated Cross-Site Scripting 漏洞描述 WordPress Advanced Order Export For WooCommerce plu...

漏洞标题 CVE-2021-39312: WordPress True Ranker <2.2.4 - Local File Inclusion 漏洞描述 WordPress True Ranker before version 2.2.4 allows sensitive configuration files such as wp-...

漏洞标题 CVE-2021-41419: QVIS NVR/DVR - Remote Code Execution 漏洞描述 QVIS NVR DVR before 2021-12-13 is vulnerable to Remote Code Execution via Java deserialization. PoC代码