排序
CVE-2025-51586: PrestaShop – Information Disclosure
漏洞标题 CVE-2025-51586: PrestaShop - Information Disclosure 漏洞描述 User enumeration vulnerability in the AdminLogin controller in PrestaShop 1.7 through 8.2.2 allows remote atta...
2025年1月9日 16:06CVE-2025-40630: IceWarp Mail Server ≤11.4.0 – Open Redirect
漏洞标题 CVE-2025-40630: IceWarp Mail Server ≤11.4.0 - Open Redirect 漏洞描述 IceWarp Mail Server version 11.4.0 and below contains an open redirect vulnerability that allows atta...
2025年10月11日 07:11CVE-2025-51502: Microweber CMS 2.0 – Reflected XSS in Admin Page Creation
漏洞标题 CVE-2025-51502: Microweber CMS 2.0 - Reflected XSS in Admin Page Creation 漏洞描述 Reflected Cross-Site Scripting (XSS) exists in Microweber CMS 2.0 through the layout par...
2025年1月30日 00:12CVE-2025-24963: Vitest Browser Mode – Local File Read
漏洞标题 CVE-2025-24963: Vitest Browser Mode - Local File Read 漏洞描述 Vitest is a testing framework powered by Vite. The `__screenshot-error` handler on the browser mode HTTP ser...
2025年10月18日 19:22CVE-2025-51501: Microweber CMS2.0 – Cross-Site Scripting
漏洞标题 CVE-2025-51501: Microweber CMS2.0 - Cross-Site Scripting 漏洞描述 Reflected Cross-Site Scripting (XSS) in the `id` parameter of the `live_edit.module_settings` API endpoin...
2025年2月2日 23:21CVE-2025-29925: XWiki REST API – Private Pages Disclosure
漏洞标题 CVE-2025-29925: XWiki REST API - Private Pages Disclosure 漏洞描述 A vulnerability in XWiki's REST API allows unauthenticated users to access information about privat...
2025年2月6日 22:10CVE-2025-26319: FlowiseAI Flowise <= 2.2.6 - Arbitrary File Upload
漏洞标题 CVE-2025-26319: FlowiseAI Flowise <= 2.2.6 - Arbitrary File Upload 漏洞描述 FlowiseAI Flowise version 2.2.6 and below contains an arbitrary file upload vulnerability in...
2025年10月18日 22:50CVE-2025-2711: Yonyou UFIDA ERP-NC V5.0 – Cross-Site Scripting
漏洞标题 CVE-2025-2711: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting 漏洞描述 Yonyou UFIDA ERP-NC V5.0 is vulnerable to reflected cross-site scripting (XSS) via the langcode par...
2025年6月10日 13:12CVE-2025-53118: Securden Unified PAM – Authentication Bypass
漏洞标题 CVE-2025-53118: Securden Unified PAM - Authentication Bypass 漏洞描述 An authentication bypass vulnerability exists which allows an unauthenticated attacker to control adm...
2025年9月4日 17:58CVE-2025-2075: Uncanny Automator <= 6.3.0.2 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation
漏洞标题 CVE-2025-2075: Uncanny Automator <= 6.3.0.2 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation 漏洞描述 The Uncanny Automator - Easy Automation...
2025年2月4日 12:26CVE-2025-64446: FortiWeb – Authentication Bypass
漏洞标题 CVE-2025-64446: FortiWeb - Authentication Bypass 漏洞描述 A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, F...
2025年4月15日 16:24CVE-2025-45985: Blink Router – Command Injection
漏洞标题 CVE-2025-45985: Blink Router - Command Injection 漏洞描述 Blink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0,...
2025年6月1日 01:40CVE-2025-52665: UniFi Access – Broken Access Control
漏洞标题 CVE-2025-52665: UniFi Access - Broken Access Control 漏洞描述 UniFi Access Application 3.3.22 through 3.4.31 contains a broken authentication caused by misconfiguration ex...
2025年5月17日 23:49CVE-2025-44177: White Star Software ProTop – Directory Traversal
漏洞标题 CVE-2025-44177: White Star Software ProTop - Directory Traversal 漏洞描述 A directory traversal vulnerability was discovered in White Star Software Protop version 4.4.2-20...
2025年7月14日 02:22CVE-2025-34026: Versa Concerto Actuator Endpoint – Authentication Bypass
漏洞标题 CVE-2025-34026: Versa Concerto Actuator Endpoint - Authentication Bypass 漏洞描述 An authentication bypass vulnerability affected the Spring Boot Actuator endpoints in Ver...
2025年6月10日 20:51(CVE-2025-29927) Next.js 中间件授权检查绕过漏洞
漏洞标题 (CVE-2025-29927) Next.js 中间件授权检查绕过漏洞 漏洞描述 (CVE-2025-29927) Next.js 中间件授权检查绕过漏洞 PoC代码 暂无
2025年8月1日 06:23
