排序
CVE-2023-2986: Abandoned Cart Lite for WooCommerce – Authentication Bypass
漏洞标题 CVE-2023-2986: Abandoned Cart Lite for WooCommerce - Authentication Bypass 漏洞描述 The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentic...
2023年1月12日 16:21CVE-2023-1408: Video List Manager <= 1.7 - SQL Injection
漏洞标题 CVE-2023-1408: Video List Manager <= 1.7 - SQL Injection 漏洞描述 The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leadi...
2023年10月25日 04:07CVE-2023-0099: Simple URLs < 115 - Cross Site Scripting
漏洞标题 CVE-2023-0099: Simple URLs < 115 - Cross Site Scripting 漏洞描述 The plugin does not sanitise and escape some parameters before outputting them back in some pages, lead...
2023年7月20日 16:41CVE-2023-37728: IceWarp Webmail Server v10.2.1 – Cross Site Scripting
漏洞标题 CVE-2023-37728: IceWarp Webmail Server v10.2.1 - Cross Site Scripting 漏洞描述 Icewarp Icearp v10.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability ...
2023年5月20日 10:23CVE-2023-0678: PHPIPAM
漏洞标题 CVE-2023-0678: PHPIPAM <v1.5.1 - Missing Authorization 漏洞描述 In phpIPAM 1.5.1, an unauthenticated user could download the list of high-usage IP subnets that contains...
2023年12月25日 21:12CVE-2023-4666: Form-Maker < 1.15.20 - Unauthenticated Arbitrary File Upload
漏洞标题 CVE-2023-4666: Form-Maker < 1.15.20 - Unauthenticated Arbitrary File Upload 漏洞描述 The plugin does not validate signatures when creating them on the server from user ...
2023年1月27日 20:09Ureport v2.1.7 CVE-2023-24189 XXE漏洞
漏洞标题 Ureport v2.1.7 CVE-2023-24189 XXE漏洞 漏洞描述 Ureport v2.1.7 CVE-2023-24189 XXE漏洞 日期: 2024-02-07 | 影响软件: Ureport v2.1.7 | PoC代码
2023年11月29日 10:05CVE-2023-48777: WordPress Elementor 3.18.1 – File Upload/Remote Code Execution
漏洞标题 CVE-2023-48777: WordPress Elementor 3.18.1 - File Upload/Remote Code Execution 漏洞描述 The plugin is vulnerable to Remote Code Execution via file upload via the template ...
2023年3月29日 18:45CVE-2023-41538: PHPJabbers PHP Forum Script 3.0 – Cross-Site Scripting
漏洞标题 CVE-2023-41538: PHPJabbers PHP Forum Script 3.0 - Cross-Site Scripting 漏洞描述 PhpJabbers PHP Forum Script 3.0 is vulnerable to Cross Site Scripting (XSS) via the keyword...
2023年9月9日 07:44CVE-2023-27637: PrestaShop `tshirtecommerce` Module – SQL Injection
漏洞标题 CVE-2023-27637: PrestaShop `tshirtecommerce` Module - SQL Injection 漏洞描述 The tshirtecommerce module for PrestaShop is vulnerable to unauthenticated SQL injection via t...
2023年8月24日 21:19Adobe ColdFusion base.cfc 存在远程命令执行漏洞 (CVE-2023-38204)
漏洞标题 Adobe ColdFusion base.cfc 存在远程命令执行漏洞 (CVE-2023-38204) 漏洞描述 AdobeColdFusion是美国奥多比(Adobe)公司的一套快速应用程序开发平台。该平台存在JNDI 利用链,实现了命...
2023年4月8日 01:12CVE-2023-25157: GeoServer OGC Filter – SQL Injection
漏洞标题 CVE-2023-25157: GeoServer OGC Filter - SQL Injection 漏洞描述 GeoServer is an open source software server written in Java that allows users to share and edit geospatial da...
2023年6月20日 07:01CVE-2023-22629: TitanFTP move-file Function ≤ 1.94.1205 – Path Traversal
漏洞标题 CVE-2023-22629: TitanFTP move-file Function ≤ 1.94.1205 - Path Traversal 漏洞描述 TitanFTP versions up to 1.94.1205 contain a path traversal vulnerability in the move-fil...
2023年4月2日 03:50CVE-2023-46574: TOTOLINK A3700R – Command Injection
漏洞标题 CVE-2023-46574: TOTOLINK A3700R - Command Injection 漏洞描述 An issue in TOTOLINK A3700R v.9.1.2u.6165_20211012 allows a remote attacker to execute arbitrary code via the ...
2023年8月21日 10:28CVE-2023-27032: PrestaShop AdvancedPopupCreator – SQL Injection
漏洞标题 CVE-2023-27032: PrestaShop AdvancedPopupCreator - SQL Injection 漏洞描述 In the module “Advanced Popup Creator” (advancedpopupcreator) from Idnovate for PrestaShop, a gu...
2023年9月27日 08:37CVE-2023-43472: MLFlow < 2.8.1 - Sensitive Information Disclosure
漏洞标题 CVE-2023-43472: MLFlow < 2.8.1 - Sensitive Information Disclosure 漏洞描述 An issue in MLFlow versions 2.8.1 and before allows a remote attacker to obtain sensitive inf...
2023年11月5日 20:12
