排序
CVE-2024-32738: CyberPower – SQL Injection
漏洞标题 CVE-2024-32738: CyberPower - SQL Injection 漏洞描述 A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. PoC代码
2024年9月23日 23:49CVE-2024-11320: Pandora v7.0NG.777.3 – Remote Code Execution
漏洞标题 CVE-2024-11320: Pandora v7.0NG.777.3 - Remote Code Execution 漏洞描述 Arbitrary commands execution on the server by exploiting a command injection vulnerability in the LDA...
2024年9月23日 09:28CVE-2024-0986: Issabel Authenticated – Remote Code Execution
漏洞标题 CVE-2024-0986: Issabel Authenticated - Remote Code Execution 漏洞描述 A vulnerability was found in Issabel PBX 4.0.0. It has been rated as critical. This issue affects som...
2024年9月22日 18:02CVE-2024-30269: DataEase <= 2.4.1 - Sensitive Information Exposure
漏洞标题 CVE-2024-30269: DataEase <= 2.4.1 - Sensitive Information Exposure 漏洞描述 DataEase, an open source data visualization and analysis tool, has a database configuration ...
2024年9月22日 09:49CVE-2024-35694: WordPress WPMobile.App >= 11.42 – Cross-Site Scripting
漏洞标题 CVE-2024-35694: Wordpress WPMobile.App >= 11.42 - Cross-Site Scripting 漏洞描述 WPMobile.App versions up to 11.41 contain a reflected cross-site scripting (XSS) caused ...
2024年9月21日 20:20CVE-2024-7954: SPIP Porte Plume Plugin rce
漏洞标题 CVE-2024-7954: SPIP Porte Plume Plugin rce 漏洞描述 在4.30-alpha2、4.2.13和4.1.16之前的SPIP中使用的porte_plume插件存在任意代码执行漏洞。远程且未经认证的攻击者可以通过发送...
2024年9月21日 10:15CVE-2024-34470: HSC Mailinspector 5.2.17-3 through 5.2.18 – Local File Inclusion
漏洞标题 CVE-2024-34470: HSC Mailinspector 5.2.17-3 through 5.2.18 - Local File Inclusion 漏洞描述 An Unauthenticated Path Traversal vulnerability exists in the /public/loaderphp f...
2024年9月21日 02:02CVE-2024-36858: Jan v0.4.12 – Arbitrary File Upload
漏洞标题 CVE-2024-36858: Jan v0.4.12 - Arbitrary File Upload 漏洞描述 An arbitrary file upload vulnerability in the /v1/app/writeFileSync interface of Jan v0.4.12 allows attackers ...
2024年9月20日 23:37CVE-2024-58136: Yii2 PHP Framework < 2.0.52 - Remote Code Execution
漏洞标题 CVE-2024-58136: Yii2 PHP Framework < 2.0.52 - Remote Code Execution 漏洞描述 Yii2 PHP Framework before 2.0.52 is vulnerable to remote code execution via improper valida...
2024年9月20日 15:21CVE-2024-36683: PrestaShop productsalert – SQL Injection
漏洞标题 CVE-2024-36683: PrestaShop productsalert - SQL Injection 漏洞描述 In the module 'Products Alert' (productsalert) up to version 1.7.4 from Smart Modules for Prest...
2024年9月20日 12:14CVE-2024-42640: Angular-Base64-Upload – Remote Code Execution
漏洞标题 CVE-2024-42640: Angular-Base64-Upload - Remote Code Execution 漏洞描述 angular-base64-upload prior to v0.1.21 is vulnerable to unauthenticated remote code execution via de...
2024年9月20日 10:28CVE-2024-4956: Nexus Repository Manager 文件读取漏洞
漏洞标题 CVE-2024-4956: Nexus Repository Manager 文件读取漏洞 漏洞描述 Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed ...
2024年9月19日 16:17CVE-2024-6220: WordPress Keydatas ≤ 2.5.2 – Arbitrary File Upload
漏洞标题 CVE-2024-6220: WordPress Keydatas ≤ 2.5.2 - Arbitrary File Upload 漏洞描述 The Keydatas plugin for WordPress (known in Chinese as "简数采集器") is vulnerable to...
2024年9月19日 07:08CVE-2024-33326: LumisXP – Cross-site Scripting
漏洞标题 CVE-2024-33326: LumisXP - Cross-site Scripting 漏洞描述 A cross-site scripting (XSS) vulnerability in the XsltResultControllerHtml.jsp component of LumisXP v15.0.x to v16....
2024年9月19日 01:19CVE-2024-6220: WordPress Keydatas ≤ 2.5.2 – Arbitrary File Upload
漏洞标题 CVE-2024-6220: WordPress Keydatas ≤ 2.5.2 - Arbitrary File Upload 漏洞描述 The Keydatas plugin for WordPress (known in Chinese as "简数采集器") is vulnerable to...
2024年9月19日 00:57CVE-2024-6049: Lawo AG vsm LTC Time Sync (vTimeSync) – Path Traversal
漏洞标题 CVE-2024-6049: Lawo AG vsm LTC Time Sync (vTimeSync) - Path Traversal 漏洞描述 The web server of Lawo AG vsm LTC Time Sync (vTimeSync) is affected by a "..." (tr...
2024年9月18日 23:31
