漏洞标题 BackupBuddy 存在本地文件包含漏洞（CVE-2022-31474） 漏洞描述 BackupBuddy 是WordPress一款备份迁移插件。BackupBuddy 8.5.8.0 - 8.7.4.1版本存在本地文件包含漏洞，攻击者可以利用...

漏洞标题 CVE-2020-8194: Citrix ADC and Citrix NetScaler Gateway - Remote Code Injection 漏洞描述 Citrix ADC and NetScaler Gateway are susceptible to remote code injection. An attac...

漏洞标题 CVE-2025-25034: SugarCRM - Unauthenticated Remote Code Execution via PHP Object Injection 漏洞描述 A PHP object injection vulnerability exists in SugarCRM versions prior t...

漏洞标题 CVE-2017-12615: Apache Tomcat Servers - Remote Code Execution 漏洞描述 Apache Tomcat servers 7.0.{0 to 79} are susceptible to remote code execution. By design, you are not...

漏洞标题 CVE-2023-38879: openSIS v9.0 - Path Traversal 漏洞描述 A path traversal vulnerability exists in openSIS Classic Community Edition v9.0 via the 'filename' paramet...

漏洞标题 CVE-2022-29464: WSO2 Management - Arbitrary File Upload & Remote Code Execution 漏洞描述 Certain WSO2 products allow unrestricted file upload with resultant remote cod...

漏洞标题 CVE-2020-12720: vBulletin SQL Injection 漏洞描述 vBulletin before 5.5.6pl1, 5.6.0 before 5.6.0pl1, and 5.6.1 before 5.6.1pl1 has incorrect access control that permits SQL ...

漏洞标题 CVE-2025-25034: SugarCRM - Unauthenticated Remote Code Execution via PHP Object Injection 漏洞描述 A PHP object injection vulnerability exists in SugarCRM versions prior t...

漏洞标题 CVE-2017-3506: Oracle Fusion Middleware Weblogic Server - Remote OS Command Execution 漏洞描述 The Oracle WebLogic Server component of Oracle Fusion Middleware (Web Servic...

漏洞标题 CVE-2023-37728: IceWarp Webmail Server v10.2.1 - Cross Site Scripting 漏洞描述 Icewarp Icearp v10.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability ...

漏洞标题 CVE-2022-29455-headless: WordPress Elementor Website Builder <= 3.5.5 - DOM Cross-Site Scripting 漏洞描述 WordPress Elementor Website Builder plugin 3.5.5 and prior con...

漏洞标题 CVE-2020-10987: Tenda AC15 AC1900 version 15.03.05.19 - Command Injection 漏洞描述 The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote ...

漏洞标题 CVE-2025-44136: MapTiler Tileserver-php v2.0 - Unauthenticated XSS 漏洞描述 MapTiler Tileserver-php v2.0 contains a reflected XSS caused by unencoded reflection of the GET...

漏洞标题 CVE-2017-17092: WordPress < 4.9.1 - Authenticated JavaScript File Upload 漏洞描述 WordPress before 4.9.1 contains a cross-site scripting caused by not requiring unfilte...

漏洞标题 CVE-2023-37679: NextGen Mirth Connect - Remote Code Execution 漏洞描述 Mirth Connect, by NextGen HealthCare, is an open source data integration platform widely used by hea...

漏洞标题 CVE-2022-34045: WAVLINK WN530HG4 - Improper Access Control 漏洞描述 WAVLINK WN530HG4 M30HG4.V5030.191116 is susceptible to improper access control. It contains a hardcoded...