漏洞标题 CVE-2024-21887: Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) - Command Injection 漏洞描述 A command injection vulnerability in web components of ...

漏洞标题 CVE-2024-50477: WordPress Stacks Mobile App Builder <=5.2.3 - Authentication Bypass 漏洞描述 Stacks Mobile App Builder WordPress plugin ≤ 5.2.3 suffers from an authent...

漏洞标题 CVE-2024-4455: YITH WooCommerce Ajax Search <= 2.4.0 - Cross-Site Scripting 漏洞描述 The YITH WooCommerce Ajax Search plugin for WordPress is vulnerable to Stored Cross...

漏洞标题 CVE-2024-42640: Angular-Base64-Upload - Remote Code Execution 漏洞描述 angular-base64-upload prior to v0.1.21 is vulnerable to unauthenticated remote code execution via de...

漏洞标题 CVE-2024-0799: Arcserve Unified Data Protection - Authentication Bypass 漏洞描述 An authentication bypass vulnerability exists in Arcserve Unified Data Protection 9.2 and ...

漏洞标题 CVE-2024-35627: TileServer API - Cross Site Scripting 漏洞描述 tileserver-gl up to v4.4.10 was discovered to contain a cross-site scripting (XSS) vulnerability via the com...

漏洞标题 CVE-2024-34257: TOTOLINK EX1800T TOTOLINK EX1800T - Command Injection 漏洞描述 TOTOLINK EX1800T V9.1.0cu.2112_B20220316 has a vulnerability in the apcliEncrypType paramete...

漏洞标题 CVE-2024-13726: Themes Coder Ecommerce <= 1.3.4 - SQL Injection 漏洞描述 The Themes Coder Ecommerce WordPress plugin through 1.3.4 does not properly sanitise and escape...

漏洞标题 CVE-2024-48651: ProFTPD ≤ 1.3.8b - Privilege Escalation via mod_sql 漏洞描述 ProFTPD versions through 1.3.8b (before commit cec01cc) contain a vulnerability in the mod_sq...

漏洞标题 CVE-2024-10486: Google for WooCommerce <= 2.8.6 - Information Disclosure via Publicly Accessible PHP Info File 漏洞描述 The Google for WooCommerce plugin for WordPress ...

漏洞标题 CVE-2024-34257: TOTOLINK EX1800T TOTOLINK EX1800T - Command Injection 漏洞描述 TOTOLINK EX1800T V9.1.0cu.2112_B20220316 has a vulnerability in the apcliEncrypType paramete...

漏洞标题 CVE-2024-0986: Issabel Authenticated - Remote Code Execution 漏洞描述 A vulnerability was found in Issabel PBX 4.0.0. It has been rated as critical. This issue affects som...

漏洞标题 CVE-2024-51568: CyberPanel - Command Injection 漏洞描述 CyberPanel (aka Cyber Panel) before 2.3.5 allows Command Injection via completePath in the ProcessUtilities.outputE...

漏洞标题 CVE-2024-38653: Ivanti Avalanche SmartDeviceServer - XML External Entity 漏洞描述 XXE in SmartDeviceServer in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attack...

漏洞标题 CVE-2024-9487: GitHub Enterprise - SAML Authentication Bypass 漏洞描述 An improper verification of cryptographic signature vulnerability was identified in GitHub Enterpris...

漏洞标题 CVE-2024-13726: Themes Coder Ecommerce <= 1.3.4 - SQL Injection 漏洞描述 The Themes Coder Ecommerce WordPress plugin through 1.3.4 does not properly sanitise and escape...