排序
CVE-2023-40755: PHPJabbers Callback Widget v1.0 – Cross-Site Scripting
漏洞标题 CVE-2023-40755: PHPJabbers Callback Widget v1.0 - Cross-Site Scripting 漏洞描述 There is a Cross Site Scripting (XSS) vulnerability in the "theme" parameter of p...
2023年8月21日 03:14CVE-2023-27639: PrestaShop TshirteCommerce – Directory Traversal
漏洞标题 CVE-2023-27639: PrestaShop TshirteCommerce - Directory Traversal 漏洞描述 The Custom Product Designer (tshirtecommerce) module for PrestaShop allows HTTP requests to be fo...
2023年2月13日 22:02CVE-2023-34020: Uncanny Toolkit for LearnDash – Open Redirection
漏洞标题 CVE-2023-34020: Uncanny Toolkit for LearnDash - Open Redirection 漏洞描述 A vulnerability in the WordPress Uncanny Toolkit for LearnDash Plugin allowed malicious actors to...
2023年8月4日 20:20CVE-2023-40931: Nagios XI v5.11.0 – SQL Injection
漏洞标题 CVE-2023-40931: Nagios XI v5.11.0 - SQL Injection 漏洞描述 A SQL injection vulnerability in Nagios XI from version 5.11.0 up to and including 5.11.1 allows authenticated a...
2023年12月12日 11:49CVE-2023-22463: KubePi JwtSigKey 登陆绕过漏洞
漏洞标题 CVE-2023-22463: KubePi JwtSigKey 登陆绕过漏洞 漏洞描述 KubePi 中存在 JWT硬编码,攻击者通过硬编码可以获取服务器后台管理权限,添加任意用户 fofa: "kubepi" PoC代码
2023年4月15日 20:49CVE-2023-40748: PHPJabbers Food Delivery Script – SQL Injection
漏洞标题 CVE-2023-40748: PHPJabbers Food Delivery Script - SQL Injection 漏洞描述 PHPJabbers Food Delivery Script 3.0 has a SQL injection (SQLi) vulnerability in the "q" ...
2023年3月24日 18:37CVE-2023-4911: Looney Tunables Linux – Local Privilege Escalation
漏洞标题 CVE-2023-4911: Looney Tunables Linux - Local Privilege Escalation 漏洞描述 A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processi...
2023年3月27日 12:28CVE-2023-26842: ChurchCRM 4.5.3 – Cross-Site Scripting
漏洞标题 CVE-2023-26842: ChurchCRM 4.5.3 - Cross-Site Scripting 漏洞描述 A stored Cross-site scripting (XSS) vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbi...
2023年12月2日 05:43CVE-2023-6389: WordPress Toolbar <= 2.2.6 - Open Redirect
漏洞标题 CVE-2023-6389: WordPress Toolbar <= 2.2.6 - Open Redirect 漏洞描述 The plugin redirects to any URL via the "wptbto" parameter. This makes it possible for unau...
2023年12月21日 03:19CVE-2023-4542: D-Link DAR-8000-10 – Command Injection
漏洞标题 CVE-2023-4542: D-Link DAR-8000-10 - Command Injection 漏洞描述 D-Link DAR-8000-10 version has an operating system command injection vulnerability. The vulnerability origin...
2023年9月29日 07:54CVE-2023-30150: PrestaShop leocustomajax 1.0 & 1.0.0 – SQL Injection
漏洞标题 CVE-2023-30150: PrestaShop leocustomajax 1.0 & 1.0.0 - SQL Injection 漏洞描述 PrestaShop leocustomajax 1.0 and 1.0.0 are vulnerable to SQL Injection via modules/leocus...
2023年12月18日 17:44CVE-2023-4450: JeecgBoot JimuReport – Template injection
漏洞标题 CVE-2023-4450: JeecgBoot JimuReport - Template injection 漏洞描述 A vulnerability was found in jeecgboot JimuReport up to 1.6.0. It has been declared as critical. Affected...
2023年2月23日 04:36CVE-2023-32315-2: Openfire身份认证绕过漏洞
漏洞标题 CVE-2023-32315-2: Openfire身份认证绕过漏洞 漏洞描述 Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's administrative console, a web...
2023年3月14日 13:24CVE-2023-42793: JetBrains TeamCity < 2023.05.4 - Remote Code Execution
漏洞标题 CVE-2023-42793: JetBrains TeamCity < 2023.05.4 - Remote Code Execution 漏洞描述 In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity ...
2023年5月2日 20:39CVE-2023-26256: STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion
漏洞标题 CVE-2023-26256: STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion 漏洞描述 STAGIL Navigation for Jira Menu & Themes plugin before 2.0.52 i...
2023年11月3日 03:54CVE-2023-27847: PrestaShop xipblog – SQL Injection
漏洞标题 CVE-2023-27847: PrestaShop xipblog - SQL Injection 漏洞描述 In the blog module (xipblog), an anonymous user can perform SQL injection. Even though the module has been patc...
2023年3月5日 17:16
