排序
CVE-2022-0769: Users Ultra <= 3.1.0 - SQL Injection
漏洞标题 CVE-2022-0769: Users Ultra <= 3.1.0 - SQL Injection 漏洞描述 The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the data_target parame...
2022年8月26日 15:14CVE-2022-31181: PrestaShop – SQL Injection to Eval Injection
漏洞标题 CVE-2022-31181: PrestaShop - SQL Injection to Eval Injection 漏洞描述 PrestaShop versions from 1.6.0.10 and before 1.7.8.7 contain an SQL injection caused by unsanitized u...
2022年7月28日 18:43CVE-2022-1007: WordPress Advanced Booking Calendar <1.7.1 - Cross-Site Scripting
漏洞标题 CVE-2022-1007: WordPress Advanced Booking Calendar <1.7.1 - Cross-Site Scripting 漏洞描述 WordPress Advanced Booking Calendar plugin before 1.7.1 contains a cross-site ...
2022年10月31日 16:01CVE-2022-0597: Microweber < 1.2.11 - Open Redirection
漏洞标题 CVE-2022-0597: Microweber < 1.2.11 - Open Redirection 漏洞描述 Open Redirect in Packagist microweber/microweber prior to 1.2.11. PoC代码
2022年12月27日 21:40CVE-2022-2467: Garage Management System 1.0 – SQL Injection
漏洞标题 CVE-2022-2467: Garage Management System 1.0 - SQL Injection 漏洞描述 Garage Management System 1.0 contains a SQL injection vulnerability in /login.php via manipulation of ...
2022年2月5日 04:25Apache ShardingSphere CVE-2022-22733远程代码执行漏洞
漏洞标题 Apache ShardingSphere CVE-2022-22733远程代码执行漏洞 漏洞描述 Apache ShardingSphere存在远程代码执行漏洞,此漏洞是缺乏校验导致的。 PoC代码 暂无
2022年11月15日 22:27CVE-2022-29383: NETGEAR ProSafe SSL VPN firmware – SQL Injection
漏洞标题 CVE-2022-29383: NETGEAR ProSafe SSL VPN firmware - SQL Injection 漏洞描述 NETGEAR ProSafe SSL VPN multiple firmware versions were discovered to contain a SQL injection vul...
2022年10月12日 11:43CVE-2022-0434: WordPress Page Views Count <2.4.15 - SQL Injection
漏洞标题 CVE-2022-0434: WordPress Page Views Count <2.4.15 - SQL Injection 漏洞描述 WordPress Page Views Count plugin prior to 2.4.15 contains an unauthenticated SQL injection v...
2022年7月16日 01:27CVE-2022-31854: Codoforum 5.1 – Arbitrary File Upload
漏洞标题 CVE-2022-31854: Codoforum 5.1 - Arbitrary File Upload 漏洞描述 Codoforum 5.1 contains an arbitrary file upload vulnerability via the logo change option in the admin panel....
2022年6月7日 12:01CVE-2022-47945: Thinkphp Lang – Local File Inclusion
漏洞标题 CVE-2022-47945: Thinkphp Lang - Local File Inclusion 漏洞描述 ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack fe...
2022年5月23日 15:37CVE-2022-44290: WebTareas 2.4p5 – SQL Injection
漏洞标题 CVE-2022-44290: WebTareas 2.4p5 - SQL Injection 漏洞描述 webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in deleteapprovalstag...
2022年5月21日 22:00CVE-2022-39048: ServiceNow – Cross-site Scripting
漏洞标题 CVE-2022-39048: ServiceNow - Cross-site Scripting 漏洞描述 A XSS vulnerability was identified in the ServiceNow UI page assessment_redirect. To exploit this vulnerability,...
2022年7月23日 14:32CVE-2022-32772: WWBN AVideo 11.6 – Cross-Site Scripting
漏洞标题 CVE-2022-32772: WWBN AVideo 11.6 - Cross-Site Scripting 漏洞描述 WWBN AVideo 11.6 contains a cross-site scripting vulnerability in the footer alerts functionality via the ...
2022年6月14日 15:40CVE-2022-1020: WordPress WooCommerce <3.1.2 - Arbitrary Function Call
漏洞标题 CVE-2022-1020: WordPress WooCommerce <3.1.2 - Arbitrary Function Call 漏洞描述 WordPress WooCommerce plugin before 3.1.2 does not have authorisation and CSRF checks in ...
2022年12月27日 03:19CVE-2022-31101: Prestashop Blockwishlist 2.1.0 SQL Injection
漏洞标题 CVE-2022-31101: Prestashop Blockwishlist 2.1.0 SQL Injection 漏洞描述 Prestashop Blockwishlist module version 2.1.0 suffers from a remote authenticated SQL injection vulne...
2022年11月22日 00:15CVE-2022-42118: Liferay Portal – Cross-site Scripting
漏洞标题 CVE-2022-42118: Liferay Portal - Cross-site Scripting 漏洞描述 A Cross-site scripting (XSS) vulnerability in the Portal Search module in Liferay Portal 7.1.0 through 7.4.2...
2022年9月3日 15:02
