排序
CVE-2025-56819: Datart v1.0.0-rc.3 – Remote Code Execution
漏洞标题 CVE-2025-56819: Datart v1.0.0-rc.3 - Remote Code Execution 漏洞描述 Datart v1.0.0-rc.3 contains a vulnerability that allows remote attackers to execute arbitrary code via ...
2025年10月13日 03:11CiscoIOSXEWLC-CVE-2025-20188-任意文件上传
漏洞标题 CiscoIOSXEWLC-CVE-2025-20188-任意文件上传 漏洞描述 用于无线局域网控制器 (WLC) 的 Cisco IOS XE 软件的带外接入点 (AP)映像下载功能中存在一个漏洞,该漏洞可能允许未经身份验...
2025年9月30日 18:17CVE-2025-2907: Order Delivery Date Pro for WooCommerce < 12.3.1 - Arbitrary Option Update
漏洞标题 CVE-2025-2907: Order Delivery Date Pro for WooCommerce < 12.3.1 - Arbitrary Option Update 漏洞描述 The Order Delivery Date WordPress plugin before 12.3.1 does not have ...
2025年4月12日 08:23CVE-2025-11749: WordPress AI Engine Plugin – Token Exposure
漏洞标题 CVE-2025-11749: WordPress AI Engine Plugin - Token Exposure 漏洞描述 Unauthenticated sensitive information exposure in AI Engine WordPress plugin <= 3.1.3 exposes beare...
2025年11月25日 02:38(CVE-2025-5961) WPvivid备份与迁移插件任意文件上传漏洞
漏洞标题 (CVE-2025-5961) WPvivid备份与迁移插件任意文件上传漏洞 漏洞描述 (CVE-2025-5961) WPvivid备份与迁移插件任意文件上传漏洞 PoC代码 暂无
2025年10月16日 22:06CVE-2025-30220: GeoServer WFS – XXE Processing Vulnerability
漏洞标题 CVE-2025-30220: GeoServer WFS - XXE Processing Vulnerability 漏洞描述 GeoServer Web Feature Service (WFS) is vulnerable to an XML External Entity (XXE) processing attack d...
2025年8月16日 12:14CVE-2025-30208: Vite – Arbitrary File Read
漏洞标题 CVE-2025-30208: Vite - Arbitrary File Read 漏洞描述 Vite, a provider of frontend development tooling, has a vulnerability in versions prior to 6.2.3, 6.1.2, 6.0.12, 5.4.15...
2025年5月9日 11:34CVE-2025-58434: Flowise <= 3.0.5 - Account Takeover
漏洞标题 CVE-2025-58434: Flowise <= 3.0.5 - Account Takeover 漏洞描述 Flowise versions 3.0.5 and earlier had a vulnerability in the forgot-password endpoint, which returned vali...
2025年4月25日 01:34CVE-2025-49029: WordPress Custom Login And Signup Widget Plugin <= 1.0 - Arbitrary Code Execution
漏洞标题 CVE-2025-49029: WordPress Custom Login And Signup Widget Plugin <= 1.0 - Arbitrary Code Execution 漏洞描述 Improper Control of Generation of Code ('Code Injection&...
2025年12月23日 08:07CVE-2025-6970: WordPress Events Manager <= 7.0.3 - SQL Injection
漏洞标题 CVE-2025-6970: WordPress Events Manager <= 7.0.3 - SQL Injection 漏洞描述 The Events Manager - Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable...
2025年12月29日 19:56CVE-2025-0107: Palo Alto Networks Expedition – OS Command Injection
漏洞标题 CVE-2025-0107: Palo Alto Networks Expedition - OS Command Injection 漏洞描述 An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthentica...
2025年2月17日 04:48CVE-2025-28367: mojoPortal <=2.9.0.1 - Directory Traversal
漏洞标题 CVE-2025-28367: mojoPortal <=2.9.0.1 - Directory Traversal 漏洞描述 mojoPortal <=2.9.0.1 is vulnerable to Directory Traversal via BetterImageGallery API Controller -...
2025年2月7日 23:50CVE-2025-13486: Advanced Custom Fields Extended < 0.9.2 - Remote Code Execution
漏洞标题 CVE-2025-13486: Advanced Custom Fields Extended < 0.9.2 - Remote Code Execution 漏洞描述 Advanced Custom Fields: Extended WordPress plugin 0.9.0.5 through 0.9.1.1 conta...
2025年7月18日 08:07CVE-2025-53833: LaRecipe < 2.8.1 Remote Code Execution via SSTI
漏洞标题 CVE-2025-53833: LaRecipe < 2.8.1 Remote Code Execution via SSTI 漏洞描述 LaRecipe is an application that allows users to create documentation with Markdown inside a Lar...
2025年12月12日 14:47CVE-2025-13315: Twonky Server 8.5.2 on Linux and Windows – Log File Exposure
漏洞标题 CVE-2025-13315: Twonky Server 8.5.2 on Linux and Windows - Log File Exposure 漏洞描述 Twonky Server 8.5.2 contains a broken access control vulnerability caused by bypassin...
2025年9月21日 22:37CVE-2025-25231: Omnissa Workspace ONE UEM – Path Traversal
漏洞标题 CVE-2025-25231: Omnissa Workspace ONE UEM - Path Traversal 漏洞描述 Omnissa Workspace ONE UEM contains a path traversal caused by crafted GET requests to restricted API en...
2025年8月8日 04:16
