排序
CVE-2024-58136: Yii2 PHP Framework < 2.0.52 - Remote Code Execution
漏洞标题 CVE-2024-58136: Yii2 PHP Framework < 2.0.52 - Remote Code Execution 漏洞描述 Yii2 PHP Framework before 2.0.52 is vulnerable to remote code execution via improper valida...
2024年5月9日 15:26CVE-2024-8522: LearnPress < 4.2.7.1 - SQL Injection
漏洞标题 CVE-2024-8522: LearnPress < 4.2.7.1 - SQL Injection 漏洞描述 The LearnPress - WordPress LMS Plugin plugin for WordPress is vulnerable to SQL Injection via the 'c_o...
2024年12月29日 00:57CVE-2024-28000: WordPress LiteSpeed Cache – Unauthenticated Privilege Escalation to Admin
漏洞标题 CVE-2024-28000: WordPress LiteSpeed Cache - Unauthenticated Privilege Escalation to Admin 漏洞描述 Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies L...
2024年10月9日 00:04CVE-2024-21887: Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) – Command Injection
漏洞标题 CVE-2024-21887: Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) - Command Injection 漏洞描述 A command injection vulnerability in web components of ...
2024年12月7日 21:48CVE-2024-38289: TurboMeeting – Boolean-based SQL Injection
漏洞标题 CVE-2024-38289: TurboMeeting - Boolean-based SQL Injection 漏洞描述 A Boolean-based SQL injection vulnerability in the "RHUB TurboMeeting" web application. This ...
2024年2月24日 14:21CVE-2024-12760: BentoML v1.3.9 – Open Redirect
漏洞标题 CVE-2024-12760: BentoML v1.3.9 - Open Redirect 漏洞描述 An open redirect vulnerability exists in BentoML v1.3.9, where the file parameter in the /ui/gradio_api/file= endpo...
2024年9月28日 22:52CVE-2024-6220: WordPress Keydatas ≤ 2.5.2 – Arbitrary File Upload
漏洞标题 CVE-2024-6220: WordPress Keydatas ≤ 2.5.2 - Arbitrary File Upload 漏洞描述 The Keydatas plugin for WordPress (known in Chinese as "简数采集器") is vulnerable to...
2024年12月9日 18:27CVE-2024-38653: Ivanti Avalanche SmartDeviceServer – XML External Entity
漏洞标题 CVE-2024-38653: Ivanti Avalanche SmartDeviceServer - XML External Entity 漏洞描述 XXE in SmartDeviceServer in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attack...
2024年5月14日 22:54CVE-2024-10783: WordPress Plugin MainWP Child – Authentication Bypass
漏洞标题 CVE-2024-10783: WordPress Plugin MainWP Child - Authentication Bypass 漏洞描述 The plugin is vulnerable to an authentication bypass that allows an unauthenticated user to ...
2024年10月27日 00:30(CVE-2024-1071) WordPress 插件 代码注入漏洞
漏洞标题 (CVE-2024-1071) WordPress 插件 代码注入漏洞 漏洞描述 (CVE-2024-1071) WordPress 插件 代码注入漏洞 PoC代码 暂无
2024年3月22日 21:33CVE-2024-21645: pyload – Log Injection
漏洞标题 CVE-2024-21645: pyload - Log Injection 漏洞描述 A log injection vulnerability was identified in pyload. This vulnerability allows any unauthenticated actor to inject arbit...
2024年12月22日 15:31CVE-2024-38472: Apache HTTPd Windows UNC – Server-Side Request Forgery
漏洞标题 CVE-2024-38472: Apache HTTPd Windows UNC - Server-Side Request Forgery 漏洞描述 SSRF in Apache HTTP Server on Windows allows to potentially leak NTML hashes to a malicious...
2024年10月18日 20:35CVE-2024-34257: TOTOLINK EX1800T TOTOLINK EX1800T – Command Injection
漏洞标题 CVE-2024-34257: TOTOLINK EX1800T TOTOLINK EX1800T - Command Injection 漏洞描述 TOTOLINK EX1800T V9.1.0cu.2112_B20220316 has a vulnerability in the apcliEncrypType paramete...
2024年7月17日 13:25CVE-2024-32640: Mura/Masa CMS – SQL Injection
漏洞标题 CVE-2024-32640: Mura/Masa CMS - SQL Injection 漏洞描述 The Mura/Masa CMS is vulnerable to SQL Injection. PoC代码
2024年12月26日 23:30CVE-2024-12987: DrayTek Vigor – Command Injection
漏洞标题 CVE-2024-12987: DrayTek Vigor - Command Injection 漏洞描述 DrayTek Gateway devices (Vigor2960, Vigor300B, etc.) are vulnerable to command injection via the session paramet...
2024年6月16日 08:10CVE-2024-7339: TVT DVR Sensitive Device – Information Disclosure
漏洞标题 CVE-2024-7339: TVT DVR Sensitive Device - Information Disclosure 漏洞描述 A vulnerability has been found in TVT DVR TD-2104TS-CL, DVR TD-2108TS-HP, Provision-ISR DVR SH-40...
2024年6月26日 20:52
