排序
CVE-2024-37728: OfficeWeb365 Indexs Interface – Arbitrary File Read
漏洞标题 CVE-2024-37728: OfficeWeb365 Indexs Interface - Arbitrary File Read 漏洞描述 There is any file reading in the officeWeb365 Indexs interface. PoC代码
2024年2月29日 15:27CVE-2024-13979: St. Joe ERP system – SQL Injection
漏洞标题 CVE-2024-13979: St. Joe ERP system - SQL Injection 漏洞描述 A SQL injection vulnerability exists in the St. Joe ERP system ("圣乔ERP系统") that allows unauthenti...
2024年2月29日 11:56CVE-2024-27115: SOPlanning – Remote Code Execution
漏洞标题 CVE-2024-27115: SOPlanning - Remote Code Execution 漏洞描述 Detects a remote code execution vulnerability in SOPlanning version 1.52.01 through authenticated PHP file uplo...
2024年2月29日 02:10CVE-2024-8425: WooCommerce Ultimate Gift Card ≤ 2.6.0 – Arbitrary File Upload
漏洞标题 CVE-2024-8425: WooCommerce Ultimate Gift Card ≤ 2.6.0 - Arbitrary File Upload 漏洞描述 The WooCommerce Ultimate Gift Card plugin for WordPress is vulnerable to arbitrary ...
2024年2月28日 20:40CVE-2024-1380: Relevanssi (A Better Search) <= 4.22.0 - Query Log Export
漏洞标题 CVE-2024-1380: Relevanssi (A Better Search) <= 4.22.0 - Query Log Export 漏洞描述 The Relevanssi Search plugin for WordPress is vulnerable to unauthorized access of dat...
2024年2月28日 16:42Apache OFBiz /viewdatafile 代码执行漏洞(CVE-2024-45195)
漏洞标题 Apache OFBiz /viewdatafile 代码执行漏洞(CVE-2024-45195) 漏洞描述 Apache OFBiz是一个开源企业资源规划(ERP)系统。它提供了一套企业应用程序,集成并自动化企业的许多业务流程...
2024年2月28日 16:20CVE-2024-48248: NAKIVO Backup and Replication Solution – Unauthenticated Arbitrary File Read
漏洞标题 CVE-2024-48248: NAKIVO Backup and Replication Solution - Unauthenticated Arbitrary File Read 漏洞描述 NAKIVO Backup & Replication is a data protection solution used fo...
2024年2月28日 13:42CVE-2024-5230: FleetCart 4.1.1 – Information Disclosure
漏洞标题 CVE-2024-5230: FleetCart 4.1.1 - Information Disclosure 漏洞描述 Issues with information disclosure in redirect responses. Accessing the majority of the website's pag...
2024年2月28日 13:19CVE-2024-9617: Danswer – Insecure Direct Object Reference
漏洞标题 CVE-2024-9617: Danswer - Insecure Direct Object Reference 漏洞描述 The application does not verify whether the attacker is the creator of the file, allowing the attacker t...
2024年2月28日 12:52CVE-2024-47062: Navidrome < 0.53.0 - Authenticated SQL Injection
漏洞标题 CVE-2024-47062: Navidrome < 0.53.0 - Authenticated SQL Injection 漏洞描述 Navidrome is an open source web-based music collection server and streamer. Navidrome automati...
2024年2月28日 06:29CVE-2024-23897: Jenkins < 2.441 - Arbitrary File Read
漏洞标题 CVE-2024-23897: Jenkins < 2.441 - Arbitrary File Read 漏洞描述 Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser t...
2024年2月28日 05:55CVE-2024-10486: Google for WooCommerce <= 2.8.6 - Information Disclosure via Publicly Accessible PHP Info File
漏洞标题 CVE-2024-10486: Google for WooCommerce <= 2.8.6 - Information Disclosure via Publicly Accessible PHP Info File 漏洞描述 The Google for WooCommerce plugin for WordPress ...
2024年2月27日 22:57CVE-2024-13160: Ivanti EPM – Credential Coercion Vulnerability in GetHashForWildcard
漏洞标题 CVE-2024-13160: Ivanti EPM - Credential Coercion Vulnerability in GetHashForWildcard 漏洞描述 A vulnerability in Ivanti Endpoint Manager (EPM) allows an unauthenticated at...
2024年2月27日 20:50CVE-2024-34470: HSC Mailinspector 5.2.17-3 through 5.2.18 – Local File Inclusion
漏洞标题 CVE-2024-34470: HSC Mailinspector 5.2.17-3 through 5.2.18 - Local File Inclusion 漏洞描述 An Unauthenticated Path Traversal vulnerability exists in the /public/loaderphp f...
2024年2月27日 16:38CVE-2024-43919: YARPP <= 5.30.10 - Missing Authorization
漏洞标题 CVE-2024-43919: YARPP <= 5.30.10 - Missing Authorization 漏洞描述 The YARPP Yet Another Related Posts Plugin plugin for WordPress is vulnerable to unauthorized access d...
2024年2月27日 09:27Arcserve Unified Data Protection CVE-2024-0801 拒绝服务漏洞
漏洞标题 Arcserve Unified Data Protection CVE-2024-0801 拒绝服务漏洞 漏洞描述 Arcserve Unified Data Protection存在拒绝服务漏洞,此漏洞是由于EdgeServiceConsoleImpl接口对用户的请求验...
2024年2月27日 02:04
