排序
CVE-2023-2059: DedeCMS 5.7.87 – Directory Traversal
漏洞标题 CVE-2023-2059: DedeCMS 5.7.87 - Directory Traversal 漏洞描述 Directory traversal vulnerability in DedeCMS 5.7.87 allows reading sensitive files via the $activepath paramet...
2023年4月15日 21:19CVE-2023-30013: TOTOLink – Unauthenticated Command Injection
漏洞标题 CVE-2023-30013: TOTOLink - Unauthenticated Command Injection 漏洞描述 TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contain a command insertion vulnera...
2023年11月2日 21:41CVE-2023-5074: D-Link D-View 8 v2.0.1.28 – Authentication Bypass
漏洞标题 CVE-2023-5074: D-Link D-View 8 v2.0.1.28 - Authentication Bypass 漏洞描述 Use of a static key to protect a JWT token used in user authentication can allow an for an authen...
2023年7月25日 20:43CVE-2023-4911: Looney Tunables Linux – Local Privilege Escalation
漏洞标题 CVE-2023-4911: Looney Tunables Linux - Local Privilege Escalation 漏洞描述 A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processi...
2023年11月3日 18:52CVE-2023-3710: Honeywell PM43 Printers – Command Injection
漏洞标题 CVE-2023-3710: Honeywell PM43 Printers - Command Injection 漏洞描述 Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) all...
2023年11月24日 08:17CVE-2023-5556: Structurizr on-premises – Cross Site Scripting
漏洞标题 CVE-2023-5556: Structurizr on-premises - Cross Site Scripting 漏洞描述 Cross-site Scripting (XSS) - Reflected in GitHub repository structurizr/onpremises prior to 3194. Po...
2023年6月23日 13:56CVE-2023-2986: Abandoned Cart Lite for WooCommerce – Authentication Bypass
漏洞标题 CVE-2023-2986: Abandoned Cart Lite for WooCommerce - Authentication Bypass 漏洞描述 The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentic...
2023年1月12日 16:21CVE-2023-1408: Video List Manager <= 1.7 - SQL Injection
漏洞标题 CVE-2023-1408: Video List Manager <= 1.7 - SQL Injection 漏洞描述 The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leadi...
2023年10月25日 04:07CVE-2023-0099: Simple URLs < 115 - Cross Site Scripting
漏洞标题 CVE-2023-0099: Simple URLs < 115 - Cross Site Scripting 漏洞描述 The plugin does not sanitise and escape some parameters before outputting them back in some pages, lead...
2023年7月20日 16:41CVE-2023-37728: IceWarp Webmail Server v10.2.1 – Cross Site Scripting
漏洞标题 CVE-2023-37728: IceWarp Webmail Server v10.2.1 - Cross Site Scripting 漏洞描述 Icewarp Icearp v10.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability ...
2023年5月20日 10:23CVE-2023-0678: PHPIPAM
漏洞标题 CVE-2023-0678: PHPIPAM <v1.5.1 - Missing Authorization 漏洞描述 In phpIPAM 1.5.1, an unauthenticated user could download the list of high-usage IP subnets that contains...
2023年12月25日 21:12CVE-2023-4666: Form-Maker < 1.15.20 - Unauthenticated Arbitrary File Upload
漏洞标题 CVE-2023-4666: Form-Maker < 1.15.20 - Unauthenticated Arbitrary File Upload 漏洞描述 The plugin does not validate signatures when creating them on the server from user ...
2023年1月27日 20:09Ureport v2.1.7 CVE-2023-24189 XXE漏洞
漏洞标题 Ureport v2.1.7 CVE-2023-24189 XXE漏洞 漏洞描述 Ureport v2.1.7 CVE-2023-24189 XXE漏洞 日期: 2024-02-07 | 影响软件: Ureport v2.1.7 | PoC代码
2023年11月29日 10:05CVE-2023-0236: WordPress Tutor LMS <2.0.10 - Cross Site Scripting
漏洞标题 CVE-2023-0236: WordPress Tutor LMS <2.0.10 - Cross Site Scripting 漏洞描述 WordPress Tutor LMS plugin before 2.0.10 contains a cross-site scripting vulnerability. The p...
2023年5月13日 13:56CVE-2023-47873: WordPress WP Child Theme Generator < 1.1.3 - Arbitrary File Upload
漏洞标题 CVE-2023-47873: WordPress WP Child Theme Generator < 1.1.3 - Arbitrary File Upload 漏洞描述 Unrestricted Upload of File with Dangerous Type vulnerability in WEN Solutio...
2023年8月25日 10:11CVE-2023-5815: News & Blog Designer Pack – WordPress Blog Plugin <= 3.4.1 - Unauthenticated Local File Inclusion
漏洞标题 CVE-2023-5815: News & Blog Designer Pack – WordPress Blog Plugin <= 3.4.1 - Unauthenticated Local File Inclusion 漏洞描述 The News & Blog Designer Pack WordPre...
2023年11月30日 05:12
