漏洞库 第131页
此分类不是0day,只是做互联网poc收集,不对poc真实性、可用性做保证,不以poc无效等理由反馈退款
排序
CVE-2024-48248: NAKIVO Backup & Replication任意文件读取漏洞-渗透云记 - 专注于网络安全与技术分享

CVE-2024-48248: NAKIVO Backup & Replication任意文件读取漏洞

漏洞标题 CVE-2024-48248: NAKIVO Backup & Replication任意文件读取漏洞 漏洞描述 NAKIVO Backup & Replication 是一款专注于虚拟化、云端及混合环境的备份与灾难恢复的解决方案。攻击...
CVE-2024-42009: Roundcube Webmail - Cross-Site Scripting-渗透云记 - 专注于网络安全与技术分享

CVE-2024-42009: Roundcube Webmail – Cross-Site Scripting

漏洞标题 CVE-2024-42009: Roundcube Webmail - Cross-Site Scripting 漏洞描述 A Cross-Site Scripting vulnerability in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote a...
付费阅读100# xss# CVE-2024# roundcube
云记的头像-渗透云记 - 专注于网络安全与技术分享初心赞助云记2024年4月4日 11:50
10
CVE-2024-29138: WordPress Restrict User Access <= 2.5 - Cross-Site Scripting-渗透云记 - 专注于网络安全与技术分享

CVE-2024-29138: WordPress Restrict User Access <= 2.5 - Cross-Site Scripting

漏洞标题 CVE-2024-29138: WordPress Restrict User Access <= 2.5 - Cross-Site Scripting 漏洞描述 WordPress Restrict User Access – Membership Plugin with Force versions before 2.6...
付费阅读100# rce# xss# CVE-2024
云记的头像-渗透云记 - 专注于网络安全与技术分享初心赞助云记2024年4月4日 10:28
00
CVE-2024-45388: Hoverfly < 1.10.3 - Arbitrary File Read-渗透云记 - 专注于网络安全与技术分享

CVE-2024-45388: Hoverfly < 1.10.3 - Arbitrary File Read

漏洞标题 CVE-2024-45388: Hoverfly < 1.10.3 - Arbitrary File Read 漏洞描述 Hoverfly is a lightweight service virtualization/ API simulation / API mocking tool for developers and ...
CVE-2024-8877: Riello Netman 204 - SQL Injection-渗透云记 - 专注于网络安全与技术分享

CVE-2024-8877: Riello Netman 204 – SQL Injection

漏洞标题 CVE-2024-8877: Riello Netman 204 - SQL Injection 漏洞描述 The three endpoints /cgi-bin/db_datalog_w.cgi, /cgi-bin/db_eventlog_w.cgi, and /cgi-bin/db_multimetr_w.cgi are vu...
CVE-2024-2879: WordPress Plugin LayerSlider 7.9.11-7.10.0 - SQL Injection-渗透云记 - 专注于网络安全与技术分享

CVE-2024-2879: WordPress Plugin LayerSlider 7.9.11-7.10.0 – SQL Injection

漏洞标题 CVE-2024-2879: WordPress Plugin LayerSlider 7.9.11-7.10.0 - SQL Injection 漏洞描述 The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup...
CVE-2024-36412: SuiteCRM - SQL Injection-渗透云记 - 专注于网络安全与技术分享

CVE-2024-36412: SuiteCRM – SQL Injection

漏洞标题 CVE-2024-36412: SuiteCRM - SQL Injection 漏洞描述 SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6....
付费阅读100# rce# CVE-2024# sql注入
云记的头像-渗透云记 - 专注于网络安全与技术分享初心赞助云记2024年4月3日 21:54
00
CVE-2024-51567: CyberPanel v2.3.6 Pre-Auth Remote Code Execution-渗透云记 - 专注于网络安全与技术分享

CVE-2024-51567: CyberPanel v2.3.6 Pre-Auth Remote Code Execution

漏洞标题 CVE-2024-51567: CyberPanel v2.3.6 Pre-Auth Remote Code Execution 漏洞描述 upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows re...
付费阅读100# rce# CVE-2024# Panel
云记的头像-渗透云记 - 专注于网络安全与技术分享初心赞助云记2024年4月3日 21:11
30
CVE-2024-35219: OpenAPI Generator <= 7.5.0 - Arbitrary File Read/Delete-渗透云记 - 专注于网络安全与技术分享

CVE-2024-35219: OpenAPI Generator <= 7.5.0 - Arbitrary File Read/Delete

漏洞标题 CVE-2024-35219: OpenAPI Generator <= 7.5.0 - Arbitrary File Read/Delete 漏洞描述 OpenAPI Generator versions 7.5.0 and below are prone to an Arbitrary File Read/Delete v...
CVE-2024-2473: WPS Hide Login <= 1.9.15.2 - Login Page Disclosure-渗透云记 - 专注于网络安全与技术分享

CVE-2024-2473: WPS Hide Login <= 1.9.15.2 - Login Page Disclosure

漏洞标题 CVE-2024-2473: WPS Hide Login <= 1.9.15.2 - Login Page Disclosure 漏洞描述 The WPS Hide Login plugin for WordPress is vulnerable to Login Page Disclosure in all version...
CVE-2024-22207: Fastify Swagger-UI - Information Disclosure-渗透云记 - 专注于网络安全与技术分享

CVE-2024-22207: Fastify Swagger-UI – Information Disclosure

漏洞标题 CVE-2024-22207: Fastify Swagger-UI - Information Disclosure 漏洞描述 fastify-swagger-ui is a Fastify plugin for serving Swagger UI. Prior to 2.1.0, the default configurati...
CVE-2024-8353: GiveWP Donation Plugin <= 3.16.1 - Unauthenticated PHP Object Injection-渗透云记 - 专注于网络安全与技术分享

CVE-2024-8353: GiveWP Donation Plugin <= 3.16.1 - Unauthenticated PHP Object Injection

漏洞标题 CVE-2024-8353: GiveWP Donation Plugin <= 3.16.1 - Unauthenticated PHP Object Injection 漏洞描述 The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPr...
CVE-2024-3032: WordPress Themify Builder < 7.5.8 - Open Redirect-渗透云记 - 专注于网络安全与技术分享

CVE-2024-3032: WordPress Themify Builder < 7.5.8 - Open Redirect

漏洞标题 CVE-2024-3032: WordPress Themify Builder < 7.5.8 - Open Redirect 漏洞描述 The Themify Builder WordPress plugin before version 7.5.8 contains an open redirect vulnerabil...
CVE-2024-45622: ASIS - SQL Injection Authentication Bypass-渗透云记 - 专注于网络安全与技术分享

CVE-2024-45622: ASIS – SQL Injection Authentication Bypass

漏洞标题 CVE-2024-45622: ASIS - SQL Injection Authentication Bypass 漏洞描述 ASIS (aka Aplikasi Sistem Sekolah using CodeIgniter 3) 3.0.0 through 3.2.0 allows index.php username SQ...
CVE-2024-13726: Themes Coder Ecommerce <= 1.3.4 - SQL Injection-渗透云记 - 专注于网络安全与技术分享

CVE-2024-13726: Themes Coder Ecommerce <= 1.3.4 - SQL Injection

漏洞标题 CVE-2024-13726: Themes Coder Ecommerce <= 1.3.4 - SQL Injection 漏洞描述 The Themes Coder Ecommerce WordPress plugin through 1.3.4 does not properly sanitise and escape...
付费阅读100# rce# CVE-2024# sql注入
云记的头像-渗透云记 - 专注于网络安全与技术分享初心赞助云记2024年4月2日 04:30
50
CVE-2024-23692: HTTP File Server Template_injection-渗透云记 - 专注于网络安全与技术分享

CVE-2024-23692: HTTP File Server Template_injection

漏洞标题 CVE-2024-23692: HTTP File Server Template_injection 漏洞描述 Rejetto HTTP文件服务器,直到并包括2.3m版本,都存在模板注入漏洞。此漏洞允许远程、未经认证的攻击者通过发送特制的...
1129130131132133861跳转