漏洞标题 CVE-2023-5003: Active Directory Integration WP Plugin < 4.1.10 - Log Disclosure 漏洞描述 The Active Directory Integration / LDAP Integration WordPress plugin before 4.1...

漏洞标题 Adobe ColdFusion //CFIDE/wizards/common/utils.cfc 权限绕过漏洞 （CVE-2023-29298） 漏洞描述 Adobe ColdFusion 是一种广泛用于企业级 Web 应用开发的工具，支持专有标记语言以构建...

漏洞标题 CVE-2023-50719: XWiki < 4.10.15 - Sensitive Information Disclosure 漏洞描述 XWiki Platform is a generic wiki platform. Starting in 7.2-milestone-2 and prior to versions...

漏洞标题 CVE-2023-39108: rConfig 3.9.4 - Server-Side Request Forgery 漏洞描述 rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_b parameter...

漏洞标题 CVE-2023-43472: MLFlow < 2.8.1 - Sensitive Information Disclosure 漏洞描述 An issue in MLFlow versions 2.8.1 and before allows a remote attacker to obtain sensitive inf...

漏洞标题 CVE-2023-32007: Apache Spark远程代码执行漏洞 漏洞描述 Apache Spark 3.4.0之前版本存在命令注入漏洞，该漏洞源于如果ACL启用后，HttpSecurityFilter中的代码路径可以允许通过提供任...

漏洞标题 CVE-2023-6895: Hikvision IP ping.php - Command Execution 漏洞描述 A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK). It has b...

漏洞标题 CVE-2023-35813: Sitecore - Remote Code Execution 漏洞描述 Multiple Sitecore products allow remote code execution. This affects Experience Manager, Experience Platform, and...

漏洞标题 CVE-2023-2518: WordPress Easy Forms for Mailchimp Plugin < 6.8.9 - Cross-Site Scripting 漏洞描述 The Easy Forms for Mailchimp plugin before version 6.8.9 contains a ref...

漏洞标题 CVE-2023-0236: WordPress Tutor LMS <2.0.10 - Cross Site Scripting 漏洞描述 WordPress Tutor LMS plugin before 2.0.10 contains a cross-site scripting vulnerability. The p...

漏洞标题 CVE-2023-47873: WordPress WP Child Theme Generator < 1.1.3 - Arbitrary File Upload 漏洞描述 Unrestricted Upload of File with Dangerous Type vulnerability in WEN Solutio...

漏洞标题 CVE-2023-6360: WordPress My Calendar <3.4.22 - SQL Injection 漏洞描述 WordPress My Calendar plugin versions before 3.4.22 are vulnerable to an unauthenticated SQL injec...

漏洞标题 CVE-2023-0948: WordPress Japanized for WooCommerce <2.5.8 - Cross-Site Scripting 漏洞描述 WordPress Japanized for WooCommerce plugin before 2.5.8 is susceptible to cros...

漏洞标题 CVE-2023-33629: H3C Magic R300-2100M - Remote Code Execution 漏洞描述 H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the Deltrigg...

漏洞标题 CVE-2023-5561: WordPress Core - Post Author Email Disclosure 漏洞描述 WordPress Core is vulnerable to Sensitive Information Exposure in versions between 4.7.0 and 6.3.1 vi...

漏洞标题 CVE-2023-27032: PrestaShop AdvancedPopupCreator - SQL Injection 漏洞描述 In the module “Advanced Popup Creator” (advancedpopupcreator) from Idnovate for PrestaShop, a gu...