排序
CVE-2025-41243: Spring Cloud Gateway Server Webflux – Broken Access Control
漏洞标题 CVE-2025-41243: Spring Cloud Gateway Server Webflux - Broken Access Control 漏洞描述 Spring Cloud Gateway Server Webflux contains a vulnerability caused by unsecured and e...
2025年12月15日 15:39CVE-2025-34038: Fanwei e-cology – SQL Injection
漏洞标题 CVE-2025-34038: Fanwei e-cology - SQL Injection 漏洞描述 Fanwei e-cology 8.0 contains a sql injection caused by unsanitized user input in the sql parameter of getdata.jsp,...
2025年8月23日 13:12CVE-2025-49113: Roundcube Webmail – Remote Code Execution
漏洞标题 CVE-2025-49113: Roundcube Webmail - Remote Code Execution 漏洞描述 Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated us...
2025年3月30日 13:04CVE-2025-64095: DNN – Unrestricted Arbitrary File Upload
漏洞标题 CVE-2025-64095: DNN - Unrestricted Arbitrary File Upload 漏洞描述 DNN (formerly DotNetNuke) \u003C 10.1.1 contains an unrestricted file upload vulnerability caused by the ...
2025年7月29日 14:23(CVE-2025-54123) Hoverfly 中间件API命令注入漏洞
漏洞标题 (CVE-2025-54123) Hoverfly 中间件API命令注入漏洞 漏洞描述 (CVE-2025-54123) Hoverfly 中间件API命令注入漏洞 PoC代码 暂无
2025年11月25日 02:42CVE-2025-6851: WordPress Broken Link Notifier < 1.3.1 - Unauthenticated SSRF
漏洞标题 CVE-2025-6851: WordPress Broken Link Notifier < 1.3.1 - Unauthenticated SSRF 漏洞描述 The Broken Link Notifier plugin for WordPress is vulnerable to Server-Side Request...
2025年10月13日 20:05CVE-2025-9985: Featured Image from URL (FIFU) <= 5.2.7 - Unauthenticated Information Exposure via Log File
漏洞标题 CVE-2025-9985: Featured Image from URL (FIFU) <= 5.2.7 - Unauthenticated Information Exposure via Log File 漏洞描述 The Featured Image from URL (FIFU) plugin for WordPr...
2025年7月31日 11:25CVE-2025-46818: Redis Lua Sandbox < 8.2.2 - Cross-User Escape
漏洞标题 CVE-2025-46818: Redis Lua Sandbox < 8.2.2 - Cross-User Escape 漏洞描述 Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow...
2025年8月10日 15:11CVE-2025-34040: Zhiyuan OA Platform – Arbitrary File Upload
漏洞标题 CVE-2025-34040: Zhiyuan OA Platform - Arbitrary File Upload 漏洞描述 An arbitrary file upload vulnerability exists in the Zhiyuan OA platform 5.0, 5.1 - 5.6sp1, 6.0 - 6.1s...
2025年4月26日 08:17CVE-2025-2010: WordPress JobWP Plugin <= 2.3.9 - SQL Injection
漏洞标题 CVE-2025-2010: WordPress JobWP Plugin <= 2.3.9 - SQL Injection 漏洞描述 The JobWP - Job Board, Job Listing, Career Page and Recruitment Plugin plugin for WordPress is v...
2025年5月3日 04:37CVE-2025-30567: WordPress WP01 – Path Traversal
漏洞标题 CVE-2025-30567: WordPress WP01 - Path Traversal 漏洞描述 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in wp01ru W...
2025年9月21日 06:17CVE-2025-47204: Bootstrap Multiselect <= 1.1.2 - Cross-Site Scripting
漏洞标题 CVE-2025-47204: Bootstrap Multiselect <= 1.1.2 - Cross-Site Scripting 漏洞描述 A PHP script in the source code release echoes arbitrary POST data. If a developer adopts...
2025年1月15日 06:32CVE-2025-51586: PrestaShop – Information Disclosure
漏洞标题 CVE-2025-51586: PrestaShop - Information Disclosure 漏洞描述 User enumeration vulnerability in the AdminLogin controller in PrestaShop 1.7 through 8.2.2 allows remote atta...
2025年7月9日 12:17CVE-2025-52665: UniFi Access – Broken Access Control
漏洞标题 CVE-2025-52665: UniFi Access - Broken Access Control 漏洞描述 UniFi Access Application 3.3.22 through 3.4.31 contains a broken authentication caused by misconfiguration ex...
2025年5月17日 23:49CVE-2025-57808: ESPHome – Authentication Bypass
漏洞标题 CVE-2025-57808: ESPHome - Authentication Bypass 漏洞描述 ESPHome 2025.8.0 contains an authentication bypass caused by improper validation of base64-encoded Authorization v...
2025年2月24日 02:08CVE-2025-12055: MPDV Mikrolab GmbH HYDRA X, MIP 2 & FEDRA 2 – Path Traversal
漏洞标题 CVE-2025-12055: MPDV Mikrolab GmbH HYDRA X, MIP 2 & FEDRA 2 - Path Traversal 漏洞描述 MPDV Mikrolab GmbH HYDRA X, MIP 2, and FEDRA 2 <= Maintenance Pack 36 with Ser...
2025年3月27日 09:39
