排序
CVE-2024-6289: WPS Hide Login < 1.9.16.4 - Hidden Login Page Disclosure
漏洞标题 CVE-2024-6289: WPS Hide Login < 1.9.16.4 - Hidden Login Page Disclosure 漏洞描述 The WPS Hide Login WordPress plugin before 1.9.16.4 does not prevent redirects to the l...
2024年2月15日 03:31CVE-2024-37728: OfficeWeb365 Indexs Interface – Arbitrary File Read
漏洞标题 CVE-2024-37728: OfficeWeb365 Indexs Interface - Arbitrary File Read 漏洞描述 There is any file reading in the officeWeb365 Indexs interface. PoC代码
2024年2月14日 16:52CVE-2024-43917: WordPress TI WooCommerce Wishlist Plugin <= 2.8.2 - SQL Injection
漏洞标题 CVE-2024-43917: WordPress TI WooCommerce Wishlist Plugin <= 2.8.2 - SQL Injection 漏洞描述 In the latest version (2.8.2 as of writing the article) and below, the plugin...
2024年2月14日 13:47CVE-2024-8517: SPIP BigUp Plugin – Remote Code Execution
漏洞标题 CVE-2024-8517: SPIP BigUp Plugin - Remote Code Execution 漏洞描述 SPIP before 4.3.2, 4.2.16, and 4.1.18 is vulnerable to a command injection issue. A remote and unauthenti...
2024年2月14日 06:54CVE-2024-6220: WordPress Keydatas ≤ 2.5.2 – Arbitrary File Upload
漏洞标题 CVE-2024-6220: WordPress Keydatas ≤ 2.5.2 - Arbitrary File Upload 漏洞描述 The Keydatas plugin for WordPress (known in Chinese as "简数采集器") is vulnerable to...
2024年2月14日 04:46CData Sync CVE-2024-31851 路径遍历漏洞
漏洞标题 CData Sync CVE-2024-31851 路径遍历漏洞 漏洞描述 CData sync存在路径遍历漏洞,此漏洞是由于/ui/接口对用户的请求验证不当造成的。 PoC代码 暂无
2024年2月14日 03:25CVE-2024-36991: Splunk Enterprise – Local File Inclusion
漏洞标题 CVE-2024-36991: Splunk Enterprise - Local File Inclusion 漏洞描述 In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could perform a path...
2024年2月13日 19:32CVE-2024-6220: WordPress Keydatas ≤ 2.5.2 – Arbitrary File Upload
漏洞标题 CVE-2024-6220: WordPress Keydatas ≤ 2.5.2 - Arbitrary File Upload 漏洞描述 The Keydatas plugin for WordPress (known in Chinese as "简数采集器") is vulnerable to...
2024年2月13日 19:18CVE-2024-31750: F-logic DataCube3 – SQL Injection
漏洞标题 CVE-2024-31750: F-logic DataCube3 - SQL Injection 漏洞描述 SQL injection vulnerability in f-logic datacube3 v.1.0 allows a remote attacker to obtain sensitive information ...
2024年2月13日 17:49CVE-2024-30188: Apache DolphinScheduler >= 3.1.0, < 3.2.2 Resource File Read And Write
漏洞标题 CVE-2024-30188: Apache DolphinScheduler >= 3.1.0, < 3.2.2 Resource File Read And Write 漏洞描述 File read and write vulnerability in Apache DolphinScheduler, authent...
2024年2月13日 08:06CVE-2024-10486: Google for WooCommerce <= 2.8.6 - Information Disclosure via Publicly Accessible PHP Info File
漏洞标题 CVE-2024-10486: Google for WooCommerce <= 2.8.6 - Information Disclosure via Publicly Accessible PHP Info File 漏洞描述 The Google for WooCommerce plugin for WordPress ...
2024年2月13日 02:55CVE-2024-34257: TOTOLINK EX1800T TOTOLINK EX1800T – Command Injection
漏洞标题 CVE-2024-34257: TOTOLINK EX1800T TOTOLINK EX1800T - Command Injection 漏洞描述 TOTOLINK EX1800T V9.1.0cu.2112_B20220316 has a vulnerability in the apcliEncrypType paramete...
2024年2月12日 23:09CVE-2024-48248: NAKIVO Backup and Replication Solution – Unauthenticated Arbitrary File Read
漏洞标题 CVE-2024-48248: NAKIVO Backup and Replication Solution - Unauthenticated Arbitrary File Read 漏洞描述 NAKIVO Backup & Replication is a data protection solution used fo...
2024年2月12日 18:37CVE-2024-34257: TOTOLINK EX1800T TOTOLINK EX1800T – Command Injection
漏洞标题 CVE-2024-34257: TOTOLINK EX1800T TOTOLINK EX1800T - Command Injection 漏洞描述 TOTOLINK EX1800T V9.1.0cu.2112_B20220316 has a vulnerability in the apcliEncrypType paramete...
2024年2月12日 10:06CVE-2024-50340: Symfony Profiler – Remote Access via Injected Arguments
漏洞标题 CVE-2024-50340: Symfony Profiler - Remote Access via Injected Arguments 漏洞描述 symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP ap...
2024年2月12日 02:33CVE-2024-3922: Dokan Pro <= 3.10.3 - SQL Injection
漏洞标题 CVE-2024-3922: Dokan Pro <= 3.10.3 - SQL Injection 漏洞描述 The Dokan Pro plugin for WordPress is vulnerable to SQL Injection via the 'code' parameter in all ...
2024年2月11日 19:41
