漏洞标题 CVE-2023-32068: XWiki - Open Redirect 漏洞描述 XWiki Platform is vulnerable to open redirect attacks due to improper validation of the xredirect parameter. This allows an ...

漏洞标题 CVE-2007-5728: phpPgAdmin <=4.1.1 - Cross-Site Scripting 漏洞描述 phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, is vulnerable to cross-site scripting and allows remote a...

漏洞标题 CVE-2018-15745: Argus Surveillance DVR 4.0.0.0 - Local File Inclusion 漏洞描述 Argus Surveillance DVR 4.0.0.0 devices allow unauthenticated local file inclusion, leading t...

漏洞标题 CVE-2024-26331: ReCrystallize Server - Authentication Bypass 漏洞描述 This vulnerability allows an attacker to bypass authentication in the ReCrystallize Server applicatio...

漏洞标题 CVE-2021-26086: Atlassian Jira Limited - Local File Inclusion 漏洞描述 Affected versions of Atlassian Jira Limited Server and Data Center are vulnerable to local file incl...

漏洞标题 Apache Tomcat Ajp webapp 任意文件读取漏洞(CVE-2020-1938) 漏洞描述 ApacheTomcat会开启AJP连接器,方便与其他Web服务器通过AJP协议进行交互。由于Tomcat本身也内含了HTTP服务器，因...

漏洞标题 (CVE-2020-5410) Spring Cloud Config 目录遍历漏洞 漏洞描述 (CVE-2020-5410) Spring Cloud Config 目录遍历漏洞 PoC代码 暂无

漏洞标题 CVE-2025-53118: Securden Unified PAM - Authentication Bypass 漏洞描述 An authentication bypass vulnerability exists which allows an unauthenticated attacker to control adm...

漏洞标题 CVE-2017-7615: MantisBT <=2.30 - Arbitrary Password Reset/Admin Access 漏洞描述 MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access ...

漏洞标题 CVE-2019-11253: Kubernetes API Server - YAML Parsing DoS (Billion Laughs) 漏洞描述 The Kubernetes API server is vulnerable to a denial of service attack via YAML/JSON pars...

漏洞标题 CVE-2021-39350: FV Flowplayer Video Player WordPress plugin - Authenticated Cross-Site Scripting 漏洞描述 The FV Flowplayer Video Player WordPress plugin is vulnerable to ...

漏洞标题 CVE-2014-4561: Ultimate Weather Plugin <= 1.0 - Cross-Site Scripting 漏洞描述 The ultimate-weather plugin 1.0 for WordPress contains a cross-site scripting vulnerabilit...

漏洞标题 (CVE-2010-1659) Joomla! Ultimate Portfolio组件目录遍历漏洞 漏洞描述 (CVE-2010-1659) Joomla! Ultimate Portfolio组件目录遍历漏洞 PoC代码 暂无

漏洞标题 CVE-2018-7314: Joomla! Component PrayerCenter 3.0.2 - SQL Injection 漏洞描述 SQL Injection exists in the PrayerCenter 3.0.2 component for Joomla! via the sessionid paramet...

漏洞标题 CVE-2022-43140: kkFileView 4.1.0 - Server-Side Request Forgery 漏洞描述 kkFileView 4.1.0 is susceptible to server-side request forgery via the component cn.keking.web.cont...

漏洞标题 CVE-2021-45793: Slims9 Bulian 9.4.2 - SQL Injection 漏洞描述 Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data can be obtained. PoC代码