排序
CVE-2023-3479: Hestiacp <= 1.7.7 - Cross-Site Scripting
漏洞标题 CVE-2023-3479: Hestiacp <= 1.7.7 - Cross-Site Scripting 漏洞描述 Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.7.8. PoC代码
2023年12月20日 00:17CVE-2023-22952: SugarCRM Unauthenticated – Remote Code Execution
漏洞标题 CVE-2023-22952: SugarCRM Unauthenticated - Remote Code Execution 漏洞描述 In SugarCRM before 12.0. Hotfix 91155, a crafted request can inject custom PHP code through the E...
2023年9月10日 11:16Atlassian Confluence /json/setup-restore.action 文件上传漏洞(CVE-2023-22518)
漏洞标题 Atlassian Confluence /json/setup-restore.action 文件上传漏洞(CVE-2023-22518) 漏洞描述 Atlassian Confluence是一款企业知识管理与协作软件。该漏洞存在于Atlassian Confluence...
2023年7月27日 03:32CVE-2023-2256: WordPress Product Addons & Fields for WooCommerce < 32.0.7 - Cross-Site Scripting
漏洞标题 CVE-2023-2256: WordPress Product Addons & Fields for WooCommerce < 32.0.7 - Cross-Site Scripting 漏洞描述 The Product Addons & Fields for WooCommerce WordPress ...
2023年9月22日 07:26CVE-2023-30777: Advanced Custom Fields < 6.1.6 - Cross-Site Scripting
漏洞标题 CVE-2023-30777: Advanced Custom Fields < 6.1.6 - Cross-Site Scripting 漏洞描述 Advanced Custom Fields beofre 6.1.6 is susceptible to cross-site scripting via the post_s...
2023年11月3日 18:14CVE-2023-2734: MStore API <= 3.9.1 - Authentication Bypass
漏洞标题 CVE-2023-2734: MStore API <= 3.9.1 - Authentication Bypass 漏洞描述 The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and in...
2023年12月30日 14:04CVE-2023-2648: Weaver E-Office 9.5 – Remote Code Execution
漏洞标题 CVE-2023-2648: Weaver E-Office 9.5 - Remote Code Execution 漏洞描述 A vulnerability was found in Weaver E-Office 9.5. It has been classified as critical. This affects an u...
2023年4月2日 16:58Apache OFBiz CVE-2023-50968 服务端请求伪造漏洞
漏洞标题 Apache OFBiz CVE-2023-50968 服务端请求伪造漏洞 漏洞描述 Apache OFBiz存在服务器端请求伪造漏洞。此漏洞是由于对requiredLabel参数缺乏校验导致的。 PoC代码 暂无
2023年9月24日 18:38CVE-2023-52251: Kafka UI 0.7.1 Command Injection
漏洞标题 CVE-2023-52251: Kafka UI 0.7.1 Command Injection 漏洞描述 An issue discovered in provectus kafka-ui 0.4.0 through 0.7.1 allows remote attackers to execute arbitrary code v...
2023年2月7日 08:08CVE-2023-27640: PrestaShop tshirtecommerce – Directory Traversal
漏洞标题 CVE-2023-27640: PrestaShop tshirtecommerce - Directory Traversal 漏洞描述 The Custom Product Designer (tshirtecommerce) module for PrestaShop allows HTTP requests to be fo...
2023年4月6日 11:49CVE-2023-5003: Active Directory Integration WP Plugin < 4.1.10 - Log Disclosure
漏洞标题 CVE-2023-5003: Active Directory Integration WP Plugin < 4.1.10 - Log Disclosure 漏洞描述 The Active Directory Integration / LDAP Integration WordPress plugin before 4.1...
2023年12月6日 11:40CVE-2023-45375: PrestaShop PireosPay – SQL Injection
漏洞标题 CVE-2023-45375: PrestaShop PireosPay - SQL Injection 漏洞描述 In the module “PireosPay” (pireospay) up to version 1.7.9 from 01generator.com for PrestaShop, a guest can ...
2023年4月12日 22:56CVE-2023-26843: ChurchCRM 4.5.3 – Cross-Site Scripting
漏洞标题 CVE-2023-26843: ChurchCRM 4.5.3 - Cross-Site Scripting 漏洞描述 A stored Cross-site scripting (XSS) vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbi...
2023年1月7日 09:16CVE-2023-6000: WordPress Popup Builder <= 4.2.3 - Unauthenticated Stored XSS
漏洞标题 CVE-2023-6000: WordPress Popup Builder <= 4.2.3 - Unauthenticated Stored XSS 漏洞描述 The Popup Builder WordPress plugin before 4.2.3 does not prevent simple visitors f...
2023年3月18日 06:50CVE-2023-1119: WP-Optimize WordPress plugin < 3.2.13 - Cross-Site Scripting
漏洞标题 CVE-2023-1119: WP-Optimize WordPress plugin < 3.2.13 - Cross-Site Scripting 漏洞描述 The WP-Optimize WordPress plugin before 3.2.13 and SrbTransLatin WordPress plugin b...
2023年8月31日 14:57CVE-2023-37580: Zimbra Collaboration Suite (ZCS) v.8.8.15 – Cross-Site Scripting
漏洞标题 CVE-2023-37580: Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting 漏洞描述 Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41 allows XSS in the Zimbra Clas...
2023年9月5日 17:17
