排序
Copyparty1.8.6存在XSS漏洞(CVE-2025-54589)
漏洞标题 Copyparty1.8.6存在XSS漏洞(CVE-2025-54589) 漏洞描述 Copyparty1.8.6存在XSS漏洞,攻击者可以获取用户敏感信息。 PoC代码 暂无
2025年3月25日 06:03CVE-2025-51501: Microweber CMS2.0 – Cross-Site Scripting
漏洞标题 CVE-2025-51501: Microweber CMS2.0 - Cross-Site Scripting 漏洞描述 Reflected Cross-Site Scripting (XSS) in the `id` parameter of the `live_edit.module_settings` API endpoin...
2025年8月21日 20:20CVE-2025-2747: Kentico Xperience 13 CMS – Staging Service Authentication Bypass (WT-2025-0006)
漏洞标题 CVE-2025-2747: Kentico Xperience 13 CMS - Staging Service Authentication Bypass (WT-2025-0006) 漏洞描述 An authentication bypass vulnerability in Kentico Xperience allows ...
2025年4月15日 13:50CVE-2025-11833: Post SMTP <= 3.6.0 - Email Log Disclosure
漏洞标题 CVE-2025-11833: Post SMTP <= 3.6.0 - Email Log Disclosure 漏洞描述 Post SMTP WordPress plugin <= 3.6.0 contains an unauthorized data access vulnerability caused by m...
2025年9月14日 08:02CVE-2025-44137: MapTiler Tileserver-php v2.0 – Unauthenticated File Read
漏洞标题 CVE-2025-44137: MapTiler Tileserver-php v2.0 - Unauthenticated File Read 漏洞描述 MapTiler Tileserver-php v2.0 contains a directory traversal caused by improper sanitizati...
2025年12月7日 12:49CVE-2025-62522: Vite – Information Disclosure
漏洞标题 CVE-2025-62522: Vite - Information Disclosure 漏洞描述 Vite is a frontend tooling framework for JavaScript.In versions from 2.9.18 to before 3.0.0, 3.2.9 to before 4.0.0, ...
2025年3月23日 01:46CVE-2025-53558: ZTE ZXHN-F660T/F660A – Default Credentials
漏洞标题 CVE-2025-53558: ZTE ZXHN-F660T/F660A - Default Credentials 漏洞描述 ZXHN-F660T and ZXHN-F660A provided by ZTE Japan K.K. use a common credential for all installations. Wit...
2025年5月22日 23:01CVE-2025-26319: FlowiseAI Flowise <= 2.2.6 - Arbitrary File Upload
漏洞标题 CVE-2025-26319: FlowiseAI Flowise <= 2.2.6 - Arbitrary File Upload 漏洞描述 FlowiseAI Flowise version 2.2.6 and below contains an arbitrary file upload vulnerability in...
2025年6月14日 13:06CVE-2025-1098: Ingress-Nginx Controller – Configuration Injection via Unsanitized Mirror Annotations
漏洞标题 CVE-2025-1098: Ingress-Nginx Controller - Configuration Injection via Unsanitized Mirror Annotations 漏洞描述 A security issue was discovered in ingress-nginx https-//gith...
2025年10月10日 04:56CVE-2025-44177: White Star Software ProTop – Directory Traversal
漏洞标题 CVE-2025-44177: White Star Software ProTop - Directory Traversal 漏洞描述 A directory traversal vulnerability was discovered in White Star Software Protop version 4.4.2-20...
2025年2月1日 01:29CVE-2025-44136: MapTiler Tileserver-php v2.0 – Unauthenticated XSS
漏洞标题 CVE-2025-44136: MapTiler Tileserver-php v2.0 - Unauthenticated XSS 漏洞描述 MapTiler Tileserver-php v2.0 contains a reflected XSS caused by unencoded reflection of the GET...
2025年3月26日 01:35Adobe Commerce/Magento SessionReaper /customer/address_file/upload 文件上传漏洞(CVE-2025-54236)
漏洞标题 Adobe Commerce/Magento SessionReaper /customer/address_file/upload 文件上传漏洞(CVE-2025-54236) 漏洞描述 Adobe Commerce是一款由Adobe公司开发的电子商务平台,广泛应用于全...
2025年5月11日 20:21CVE-2025-4302: Stop User Enumeration WordPress plugin – Authentication Bypass
漏洞标题 CVE-2025-4302: Stop User Enumeration WordPress plugin - Authentication Bypass 漏洞描述 Stop User Enumeration WordPress plugin < 1.7.3 contains an authentication bypass ...
2025年1月15日 18:05CVE-2025-51586: PrestaShop – Information Disclosure
漏洞标题 CVE-2025-51586: PrestaShop - Information Disclosure 漏洞描述 User enumeration vulnerability in the AdminLogin controller in PrestaShop 1.7 through 8.2.2 allows remote atta...
2025年12月26日 14:21CVE-2025-30220: GeoServer WFS – XXE Processing Vulnerability
漏洞标题 CVE-2025-30220: GeoServer WFS - XXE Processing Vulnerability 漏洞描述 GeoServer Web Feature Service (WFS) is vulnerable to an XML External Entity (XXE) processing attack d...
2025年12月5日 14:58(CVE-2025-58751) Vite server.fs 安全绕过漏洞
漏洞标题 (CVE-2025-58751) Vite server.fs 安全绕过漏洞 漏洞描述 (CVE-2025-58751) Vite server.fs 安全绕过漏洞 PoC代码 暂无
2025年10月2日 03:26
