排序
CVE-2025-2127: JoomlaUX JUX Real Estate 3.4.0 – Reflected XSS
漏洞标题 CVE-2025-2127: JoomlaUX JUX Real Estate 3.4.0 - Reflected XSS 漏洞描述 A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0 on Joomla. It has been classified as pro...
2025年12月9日 19:46CVE-2025-34299: Monsta FTP <= 2.11.2 - Unauthenticated Remote Code Execution
漏洞标题 CVE-2025-34299: Monsta FTP <= 2.11.2 - Unauthenticated Remote Code Execution 漏洞描述 Monsta FTP = 2.11 contains an unrestricted file upload vulnerability caused by lac...
2025年2月1日 01:05CVE-2025-34027: Versa Concerto API Path Based – Authentication Bypass
漏洞标题 CVE-2025-34027: Versa Concerto API Path Based - Authentication Bypass 漏洞描述 Authentication bypass in the Versa Concerto API, caused by URL decoding inconsistencies. It ...
2025年1月2日 15:17(CVE-2025-54123) Hoverfly 中间件API命令注入漏洞
漏洞标题 (CVE-2025-54123) Hoverfly 中间件API命令注入漏洞 漏洞描述 (CVE-2025-54123) Hoverfly 中间件API命令注入漏洞 PoC代码 暂无
2025年11月25日 02:42Commvault /commandcenter/deployServiceCommcell.do 文件上传漏洞(CVE-2025-34028)
漏洞标题 Commvault /commandcenter/deployServiceCommcell.do 文件上传漏洞(CVE-2025-34028) 漏洞描述 Commvault是一款数据保护或网络弹性解决方案,为企业备份和复制套件。 Commva...
2025年4月6日 04:42CVE-2025-61757: Oracle Identity Manager REST WebServices – Authentication Bypass
漏洞标题 CVE-2025-61757: Oracle Identity Manager REST WebServices - Authentication Bypass 漏洞描述 Vulnerability in the Identity Manager product of Oracle Fusion Middleware (compon...
2025年2月9日 06:38CVE-2025-61884: Oracle E-Business Suite – Server-Side Request Forgery
漏洞标题 CVE-2025-61884: Oracle E-Business Suite - Server-Side Request Forgery 漏洞描述 Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: Runt...
2025年1月10日 22:07CVE-2025-2907: Order Delivery Date Pro for WooCommerce < 12.3.1 - Arbitrary Option Update
漏洞标题 CVE-2025-2907: Order Delivery Date Pro for WooCommerce < 12.3.1 - Arbitrary Option Update 漏洞描述 The Order Delivery Date WordPress plugin before 12.3.1 does not have ...
2025年8月25日 12:20CVE-2025-1974-k8s: Ingress-Nginx Controller – Unauthenticated Remote Code Execution
漏洞标题 CVE-2025-1974-k8s: Ingress-Nginx Controller - Unauthenticated Remote Code Execution 漏洞描述 A security issue was discovered in ingress-nginx where the `auth-tls-match-cn`...
2025年4月27日 03:34CVE-2025-13315: Twonky Server 8.5.2 on Linux and Windows – Log File Exposure
漏洞标题 CVE-2025-13315: Twonky Server 8.5.2 on Linux and Windows - Log File Exposure 漏洞描述 Twonky Server 8.5.2 contains a broken access control vulnerability caused by bypassin...
2025年9月21日 22:37CVE-2025-53118: Securden Unified PAM – Authentication Bypass
漏洞标题 CVE-2025-53118: Securden Unified PAM - Authentication Bypass 漏洞描述 An authentication bypass vulnerability exists which allows an unauthenticated attacker to control adm...
2025年7月5日 07:30CVE-2025-30208: Vite – Arbitrary File Read
漏洞标题 CVE-2025-30208: Vite - Arbitrary File Read 漏洞描述 Vite, a provider of frontend development tooling, has a vulnerability in versions prior to 6.2.3, 6.1.2, 6.0.12, 5.4.15...
2025年11月23日 20:04Adobe Commerce/Magento SessionReaper /customer/address_file/upload 文件上传漏洞(CVE-2025-54236)
漏洞标题 Adobe Commerce/Magento SessionReaper /customer/address_file/upload 文件上传漏洞(CVE-2025-54236) 漏洞描述 Adobe Commerce是一款由Adobe公司开发的电子商务平台,广泛应用于全...
2025年6月17日 09:39CVE-2025-30220: GeoServer WFS – XXE Processing Vulnerability
漏洞标题 CVE-2025-30220: GeoServer WFS - XXE Processing Vulnerability 漏洞描述 GeoServer Web Feature Service (WFS) is vulnerable to an XML External Entity (XXE) processing attack d...
2025年8月16日 12:14CVE-2025-1023: ChurchCRM – SQL Injection
漏洞标题 CVE-2025-1023: ChurchCRM - SQL Injection 漏洞描述 A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary SQL queries by exploiti...
2025年5月12日 06:36CVE-2025-44136: MapTiler Tileserver-php v2.0 – Unauthenticated XSS
漏洞标题 CVE-2025-44136: MapTiler Tileserver-php v2.0 - Unauthenticated XSS 漏洞描述 MapTiler Tileserver-php v2.0 contains a reflected XSS caused by unencoded reflection of the GET...
2025年9月1日 21:36
