排序
Apache APISIX Dashboard命令执行漏洞(CVE-2022-24112)
漏洞标题 Apache APISIX Dashboard命令执行漏洞(CVE-2022-24112) 漏洞描述 Apache APISIX 是一个动态、实时、高性能的开源 API网关,提供负载均衡、动态上游、灰度发布、服务熔断、身份认证、可...
2022年5月10日 06:11CVE-2022-1439: Microweber <1.2.15 - Cross-Site Scripting
漏洞标题 CVE-2022-1439: Microweber <1.2.15 - Cross-Site Scripting 漏洞描述 Microweber prior to 1.2.15 contains a reflected cross-site scripting vulnerability. An attacker can ex...
2022年5月10日 05:47CVE-2022-0479: Popup Builder Plugin – SQL Injection and Cross-Site Scripting
漏洞标题 CVE-2022-0479: Popup Builder Plugin - SQL Injection and Cross-Site Scripting 漏洞描述 The Popup Builder WordPress plugin before 4.1.1 is vulnerable to SQL Injection and Re...
2022年5月10日 03:59CVE-2022-1574: WordPress HTML2WP <=1.0.0 - Arbitrary File Upload
漏洞标题 CVE-2022-1574: WordPress HTML2WP <=1.0.0 - Arbitrary File Upload 漏洞描述 WordPress HTML2WP plugin through 1.0.0 contains an arbitrary file upload vulnerability. The pl...
2022年5月10日 03:57CVE-2022-0693: WordPress Master Elements <=8.0 - SQL Injection
漏洞标题 CVE-2022-0693: WordPress Master Elements <=8.0 - SQL Injection 漏洞描述 WordPress Master Elements plugin through 8.0 contains a SQL injection vulnerability. The plugin ...
2022年5月9日 21:26CVE-2022-0651: WordPress Plugin WP Statistics <= 13.1.5 - SQL Injection
漏洞标题 CVE-2022-0651: WordPress Plugin WP Statistics <= 13.1.5 - SQL Injection 漏洞描述 The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient e...
2022年5月9日 13:01CVE-2022-1580: Site Offline WP Plugin < 1.5.3 - Authorization Bypass
漏洞标题 CVE-2022-1580: Site Offline WP Plugin < 1.5.3 - Authorization Bypass 漏洞描述 The plugin prevents users from accessing a website but does not do so if the URL contained...
2022年5月9日 12:21CVE-2022-0651: WordPress Plugin WP Statistics <= 13.1.5 - SQL Injection
漏洞标题 CVE-2022-0651: WordPress Plugin WP Statistics <= 13.1.5 - SQL Injection 漏洞描述 The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient e...
2022年5月9日 10:16CVE-2022-22963: Spring Cloud – Remote Code Execution
漏洞标题 CVE-2022-22963: Spring Cloud - Remote Code Execution 漏洞描述 Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions are susceptible to remote code exe...
2022年5月9日 06:13CVE-2022-25226: ThinVNC – Authentication Bypass
漏洞标题 CVE-2022-25226: ThinVNC - Authentication Bypass 漏洞描述 ThinVNC version 1.0b1 allows an unauthenticated user to bypass the authentication process via a specific command, ...
2022年5月9日 01:35(CVE-2022-0540) Atlassian Jira Seraph 身份验证绕过漏洞
漏洞标题 (CVE-2022-0540) Atlassian Jira Seraph 身份验证绕过漏洞 漏洞描述 (CVE-2022-0540) Atlassian Jira Seraph 身份验证绕过漏洞 PoC代码 暂无
2022年5月8日 16:16CVE-2022-1162: GitLab CE/EE – Hard-Coded Credentials
漏洞标题 CVE-2022-1162: GitLab CE/EE - Hard-Coded Credentials 漏洞描述 GitLab CE/EE contains a hard-coded credentials vulnerability. A hardcoded password was set for accounts regis...
2022年5月8日 14:21CVE-2022-21500: Oracle E-Business Suite <=12.2 - Authentication Bypass
漏洞标题 CVE-2022-21500: Oracle E-Business Suite <=12.2 - Authentication Bypass 漏洞描述 Oracle E-Business Suite (component: Manage Proxies) 12.1 and 12.2 are susceptible to an ...
2022年5月8日 12:34CVE-2022-33901: WordPress MultiSafepay for WooCommerce <=4.13.1 - Arbitrary File Read
漏洞标题 CVE-2022-33901: WordPress MultiSafepay for WooCommerce <=4.13.1 - Arbitrary File Read 漏洞描述 WordPress MultiSafepay for WooCommerce plugin through 4.13.1 contains an ...
2022年5月8日 06:30CVE-2022-45037: WBCE CMS v1.5.4 – Cross Site Scripting (Stored)
漏洞标题 CVE-2022-45037: WBCE CMS v1.5.4 - Cross Site Scripting (Stored) 漏洞描述 A cross-site scripting (XSS) vulnerability in /admin/users/index.php of WBCE CMS v1.5.4 allows att...
2022年5月8日 03:43Ametys CMS CVE-2022-26159信息泄露漏洞
漏洞标题 Ametys CMS CVE-2022-26159信息泄露漏洞 漏洞描述 Ametys CMS 存在信息泄露漏洞,此漏洞是缺乏校验导致的。 PoC代码 暂无
2022年5月7日 10:28
