排序
CVE-2024-55457: MasterSAM Star Gate v11 – Local File Inclusion
漏洞标题 CVE-2024-55457: MasterSAM Star Gate v11 - Local File Inclusion 漏洞描述 MasterSAM Star Gate v11 is vulnerable to a directory traversal attack via the endpoint /adama/adama...
2024年8月31日 05:09CVE-2024-4340: sqlparse – Denial of Service
漏洞标题 CVE-2024-4340: sqlparse - Denial of Service 漏洞描述 Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError. PoC代码
2024年12月19日 19:20CVE-2024-36412: SuiteCRM – SQL Injection
漏洞标题 CVE-2024-36412: SuiteCRM - SQL Injection 漏洞描述 SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6....
2024年8月28日 03:23CVE-2024-2876: WordPress Email Subscribers by Icegram Express – SQL Injection
漏洞标题 CVE-2024-2876: Wordpress Email Subscribers by Icegram Express - SQL Injection 漏洞描述 The Email Subscribers by Icegram Express - Email Marketing, Newsletters, Automation ...
2024年3月10日 17:55CVE-2024-8963: Ivanti Cloud Services Appliance – Path Traversal
漏洞标题 CVE-2024-8963: Ivanti Cloud Services Appliance - Path Traversal 漏洞描述 Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to ...
2024年2月20日 04:35Apache OFBiz CVE-2024-32113 目录遍历漏洞
漏洞标题 Apache OFBiz CVE-2024-32113 目录遍历漏洞 漏洞描述 Apache OFBiz 存在目录遍历漏洞,此漏洞是由于未充分验证用户输入的url所导致的。 PoC代码 暂无
2024年11月17日 22:41CVE-2024-7954: SPIP Porte Plume Plugin – Remote Code Execution
漏洞标题 CVE-2024-7954: SPIP Porte Plume Plugin - Remote Code Execution 漏洞描述 The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbi...
2024年7月11日 16:21CVE-2024-10486: Google for WooCommerce <= 2.8.6 - Information Disclosure via Publicly Accessible PHP Info File
漏洞标题 CVE-2024-10486: Google for WooCommerce <= 2.8.6 - Information Disclosure via Publicly Accessible PHP Info File 漏洞描述 The Google for WooCommerce plugin for WordPress ...
2024年4月28日 01:17CVE-2024-25608: Liferay Portal – Open Redirect
漏洞标题 CVE-2024-25608: Liferay Portal - Open Redirect 漏洞描述 HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.18, and older unsupported versions, and Liferay DXP 7...
2024年6月28日 20:12CVE-2024-10914: D-Link NAS – Command Injection via Name Parameter
漏洞标题 CVE-2024-10914: D-Link NAS - Command Injection via Name Parameter 漏洞描述 A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It ...
2024年5月27日 12:30CVE-2024-46938: Sitecore Experience Platform <= 10.4 - Arbitrary File Read
漏洞标题 CVE-2024-46938: Sitecore Experience Platform <= 10.4 - Arbitrary File Read 漏洞描述 An issue was discovered in Sitecore Experience Platform (XP), Experience Manager (XM...
2024年11月26日 05:25CVE-2024-27115: SOPlanning – Remote Code Execution
漏洞标题 CVE-2024-27115: SOPlanning - Remote Code Execution 漏洞描述 Detects a remote code execution vulnerability in SOPlanning version 1.52.01 through authenticated PHP file uplo...
2024年2月29日 02:10CVE-2024-36837: CRMEB v.5.2.2 – SQL Injection
漏洞标题 CVE-2024-36837: CRMEB v.5.2.2 - SQL Injection 漏洞描述 SQL Injection vulnerability in CRMEB v.5.2.2 allows a remote attacker to obtain sensitive information via the getPro...
2024年2月4日 10:32CVE-2024-4443: Business Directory Plugin <= 6.4.2 - SQL Injection
漏洞标题 CVE-2024-4443: Business Directory Plugin <= 6.4.2 - SQL Injection 漏洞描述 The Business Directory Plugin Easy Listing Directories for WordPress plugin for WordPress is ...
2024年2月11日 10:06CVE-2024-23897: Jenkins < 2.441 - Arbitrary File Read
漏洞标题 CVE-2024-23897: Jenkins < 2.441 - Arbitrary File Read 漏洞描述 Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser t...
2024年11月12日 09:32CVE-2024-0337: Travelpayouts <= 1.1.16 - Open Redirect
漏洞标题 CVE-2024-0337: Travelpayouts <= 1.1.16 - Open Redirect 漏洞描述 The plugin is vulnerable to Open Redirect due to insufficient validation on the travelpayouts_redirect v...
2024年5月21日 22:40
