排序
CVE-2022-1007: WordPress Advanced Booking Calendar <1.7.1 - Cross-Site Scripting
漏洞标题 CVE-2022-1007: WordPress Advanced Booking Calendar <1.7.1 - Cross-Site Scripting 漏洞描述 WordPress Advanced Booking Calendar plugin before 1.7.1 contains a cross-site ...
2022年10月19日 20:39CVE-2022-33107: ThinkPHP 6.0.12 反序列化 RCE
漏洞标题 CVE-2022-33107: ThinkPHP 6.0.12 反序列化 RCE 漏洞描述 通过组件 vendor\league\flysystem-cached-adapter\src\Storage\AbstractCache.php 发现 ThinkPHP v6.0.12 包含反序列化漏洞...
2022年10月19日 15:32CVE-2022-34094: Software Publico Brasileiro i3geo v7.0.5 – Cross-Site Scripting
漏洞标题 CVE-2022-34094: Software Publico Brasileiro i3geo v7.0.5 - Cross-Site Scripting 漏洞描述 Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cro...
2022年10月19日 05:18CVE-2022-29303: SolarView Compact 6.00 – OS Command Injection
漏洞标题 CVE-2022-29303: SolarView Compact 6.00 - OS Command Injection 漏洞描述 SolarView Compact 6.00 was discovered to contain a command injection vulnerability via conf_mail.php...
2022年10月19日 00:20CVE-2022-35405: Zoho ManageEngine – Remote Code Execution
漏洞标题 CVE-2022-35405: Zoho ManageEngine - Remote Code Execution 漏洞描述 Zoho ManageEngine Password Manager Pro, PAM 360, and Access Manager Plus are susceptible to unauthentica...
2022年10月18日 22:19CVE-2022-23131: Zabbix – SAML SSO Authentication Bypass
漏洞标题 CVE-2022-23131: Zabbix - SAML SSO Authentication Bypass 漏洞描述 When SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor b...
2022年10月18日 15:02CVE-2022-42233: Tenda 11N – Authentication Bypass
漏洞标题 CVE-2022-42233: Tenda 11N - Authentication Bypass 漏洞描述 Tenda 11N with firmware version V5.07.33_cn contains an authentication bypass vulnerability. An attacker can pos...
2022年10月18日 14:45CVE-2022-23347: BigAnt Server v5.6.06 – Local File Inclusion
漏洞标题 CVE-2022-23347: BigAnt Server v5.6.06 - Local File Inclusion 漏洞描述 BigAnt Server v5.6.06 is vulnerable to local file inclusion. PoC代码
2022年10月18日 13:46CVE-2022-2168: WordPress Download Manager < 3.2.44 - Authenticated Cross-Site Scripting
漏洞标题 CVE-2022-2168: WordPress Download Manager < 3.2.44 - Authenticated Cross-Site Scripting 漏洞描述 The WordPress Download Manager plugin before version 3.2.44 does not pr...
2022年10月18日 10:09CVE-2022-0817: WordPress BadgeOS <=3.7.0 - SQL Injection
漏洞标题 CVE-2022-0817: WordPress BadgeOS <=3.7.0 - SQL Injection 漏洞描述 WordPress BadgeOS plugin through 3.7.0 contains a SQL injection vulnerability. It does not sanitize an...
2022年10月18日 04:40CVE-2022-0817: WordPress BadgeOS <=3.7.0 - SQL Injection
漏洞标题 CVE-2022-0817: WordPress BadgeOS <=3.7.0 - SQL Injection 漏洞描述 WordPress BadgeOS plugin through 3.7.0 contains a SQL injection vulnerability. It does not sanitize an...
2022年10月18日 04:20CVE-2022-22947: Spring Cloud Gateway Code Injection
漏洞标题 CVE-2022-22947: Spring Cloud Gateway Code Injection 漏洞描述 Applications using Spring Cloud Gateway prior to 3.1.1+ and 3.0.7+ are vulnerable to a code injection attack w...
2022年10月18日 03:56Casdoor 1.13.0-SQL注入(CVE-2022-24124)
漏洞标题 Casdoor 1.13.0-SQL注入(CVE-2022-24124) 漏洞描述 Casdoor 是一个基于 OAuth 2.0 / OIDC 的 UI 优先集中认证 / 单点登录 (SSO) 平台。该平台存在sql注入漏洞 PoC代码 暂无
2022年10月17日 23:17CVE-2022-24816: GeoServer <1.2.2 - Remote Code Execution
漏洞标题 CVE-2022-24816: GeoServer <1.2.2 - Remote Code Execution 漏洞描述 Programs run on GeoServer before 1.2.2 which use jt-jiffle and allow Jiffle script to be provided via ...
2022年10月17日 18:30CVE-2022-0867: WordPress ARPrice <3.6.1 - SQL Injection
漏洞标题 CVE-2022-0867: WordPress ARPrice <3.6.1 - SQL Injection 漏洞描述 WordPress ARPrice plugin prior to 3.6.1 contains a SQL injection vulnerability. It fails to properly sa...
2022年10月17日 14:09CVE-2022-0827: WordPress Best Books <=2.6.3 - SQL Injection
漏洞标题 CVE-2022-0827: WordPress Best Books <=2.6.3 - SQL Injection 漏洞描述 WordPress Best Books plugin through 2.6.3 is susceptible to SQL injection. The plugin does not sani...
2022年10月17日 05:54
