排序
CVE-2024-9465: Palo Alto Expedition – SQL Injection
漏洞标题 CVE-2024-9465: Palo Alto Expedition - SQL Injection 漏洞描述 An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal E...
2024年2月4日 20:59CVE-2024-3822: Base64 Encoder/Decoder <= 0.9.2 - Cross-Site Scripting
漏洞标题 CVE-2024-3822: Base64 Encoder/Decoder <= 0.9.2 - Cross-Site Scripting 漏洞描述 The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not sanitise and escape a ...
2024年12月21日 11:47CVE-2024-23897: Jenkins < 2.441 - Arbitrary File Read
漏洞标题 CVE-2024-23897: Jenkins < 2.441 - Arbitrary File Read 漏洞描述 Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser t...
2024年5月20日 18:38CVE-2024-24328: TotoLink Router setMacFilterRules – Command Injection
漏洞标题 CVE-2024-24328: TotoLink Router setMacFilterRules - Command Injection 漏洞描述 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulner...
2024年4月6日 07:07CVE-2024-34257: TOTOLINK EX1800T TOTOLINK EX1800T – Command Injection
漏洞标题 CVE-2024-34257: TOTOLINK EX1800T TOTOLINK EX1800T - Command Injection 漏洞描述 TOTOLINK EX1800T V9.1.0cu.2112_B20220316 has a vulnerability in the apcliEncrypType paramete...
2024年2月8日 06:47Aviatrix Controller /v1/api 命令执行漏洞(CVE-2024-50603)
漏洞标题 Aviatrix Controller /v1/api 命令执行漏洞(CVE-2024-50603) 漏洞描述 Aviatrix Controller是一款强大的云网络管理平台,提供简化的跨云网络管理、自动化配置、安全策略、流量监控等...
2024年10月4日 21:59CVE-2024-33113: D-LINK DIR-845L bsc_sms_inbox.php file – Information Disclosure
漏洞标题 CVE-2024-33113: D-LINK DIR-845L bsc_sms_inbox.php file - Information Disclosure 漏洞描述 D-LINK DIR-845L <=v1.01KRb03 is vulnerable to Information disclosurey via bsc_s...
2024年4月19日 11:12CVE-2024-29138: WordPress Restrict User Access <= 2.5 - Cross-Site Scripting
漏洞标题 CVE-2024-29138: WordPress Restrict User Access <= 2.5 - Cross-Site Scripting 漏洞描述 WordPress Restrict User Access – Membership Plugin with Force versions before 2.6...
2024年11月3日 17:53CVE-2024-48248: NAKIVO Backup & Replication任意文件读取漏洞
漏洞标题 CVE-2024-48248: NAKIVO Backup & Replication任意文件读取漏洞 漏洞描述 NAKIVO Backup & Replication 是一款专注于虚拟化、云端及混合环境的备份与灾难恢复的解决方案。攻击...
2024年8月13日 05:01CVE-2024-50340: Symfony Profiler – Remote Access via Injected Arguments
漏洞标题 CVE-2024-50340: Symfony Profiler - Remote Access via Injected Arguments 漏洞描述 symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP ap...
2024年5月6日 20:26CVE-2024-4956: Sonatype Nexus Repository Manager 3 – Local File Inclusion
漏洞标题 CVE-2024-4956: Sonatype Nexus Repository Manager 3 - Local File Inclusion 漏洞描述 Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read...
2024年7月10日 04:24CVE-2024-42852: AcuToWeb server/10.5.0.7577c8b – Cross-Site Scripting
漏洞标题 CVE-2024-42852: AcuToWeb server/10.5.0.7577c8b - Cross-Site Scripting 漏洞描述 AcuToWeb server/10.5.0.7577c8b is vulnerable to reflected cross-site scripting (XSS) via the...
2024年9月24日 02:16CVE-2024-33288: Prison Management System – SQL Injection Authentication Bypass
漏洞标题 CVE-2024-33288: Prison Management System - SQL Injection Authentication Bypass 漏洞描述 Sql injection vulnerability was found on the login page in Prison Management System...
2024年7月18日 08:11CVE-2024-2876: WordPress Email Subscribers by Icegram Express – SQL Injection
漏洞标题 CVE-2024-2876: Wordpress Email Subscribers by Icegram Express - SQL Injection 漏洞描述 The Email Subscribers by Icegram Express - Email Marketing, Newsletters, Automation ...
2024年12月29日 10:04CVE-2024-33113: D-LINK DIR-845L bsc_sms_inbox.php file – Information Disclosure
漏洞标题 CVE-2024-33113: D-LINK DIR-845L bsc_sms_inbox.php file - Information Disclosure 漏洞描述 D-LINK DIR-845L <=v1.01KRb03 is vulnerable to Information disclosurey via bsc_s...
2024年8月26日 09:29CVE-2024-9264: Grafana Post-Auth DuckDB – SQL Injection To File Read
漏洞标题 CVE-2024-9264: Grafana Post-Auth DuckDB - SQL Injection To File Read 漏洞描述 The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` que...
2024年7月4日 19:38
