排序
CVE-2025-2748: Kentico Xperience CMS – Unauthenticated Stored XSS
漏洞标题 CVE-2025-2748: Kentico Xperience CMS - Unauthenticated Stored XSS 漏洞描述 The Kentico Xperience application does not fully validate or filter files uploaded via the multi...
2025年4月22日 00:04CVE-2018-16299: WordPress Localize My Post 1.0 – Local File Inclusion
漏洞标题 CVE-2018-16299: WordPress Localize My Post 1.0 - Local File Inclusion 漏洞描述 WordPress Localize My Post 1.0 is susceptible to local file inclusion via the ajax/include.p...
2018年1月10日 04:54CVE-2023-47873: WordPress WP Child Theme Generator < 1.1.3 - Arbitrary File Upload
漏洞标题 CVE-2023-47873: WordPress WP Child Theme Generator < 1.1.3 - Arbitrary File Upload 漏洞描述 Unrestricted Upload of File with Dangerous Type vulnerability in WEN Solutio...
2023年7月16日 02:32CVE-2022-34094: Software Publico Brasileiro i3geo v7.0.5 – Cross-Site Scripting
漏洞标题 CVE-2022-34094: Software Publico Brasileiro i3geo v7.0.5 - Cross-Site Scripting 漏洞描述 Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cro...
2022年4月1日 14:49CVE-2020-19295: Jeesns 1.4.2 – Cross-Site Scripting
漏洞标题 CVE-2020-19295: Jeesns 1.4.2 - Cross-Site Scripting 漏洞描述 Jeesns 1.4.2 is vulnerable to reflected cross-site scripting in the /weibo/topic component and allows attacker...
2020年12月14日 01:00CVE-2025-46554: XWiki REST API – Attachments Disclosure
漏洞标题 CVE-2025-46554: XWiki REST API - Attachments Disclosure 漏洞描述 A vulnerability in XWiki's REST API allows unauthenticated users to access attachments list and metad...
2025年5月2日 17:05CVE-2018-0127: Cisco RV132W/RV134W Router – Information Disclosure
漏洞标题 CVE-2018-0127: Cisco RV132W/RV134W Router - Information Disclosure 漏洞描述 Cisco RV132W ADSL2+ Wireless-N VPN Routers and Cisco RV134W VDSL2 Wireless-AC VPN Routers could...
2018年1月21日 21:55CVE-2023-0099: Simple URLs < 115 - Cross Site Scripting
漏洞标题 CVE-2023-0099: Simple URLs < 115 - Cross Site Scripting 漏洞描述 The plugin does not sanitise and escape some parameters before outputting them back in some pages, lead...
2023年7月20日 16:41Crestron Devices CVE-2022-23178信息泄露漏洞
漏洞标题 Crestron Devices CVE-2022-23178信息泄露漏洞 漏洞描述 Crestron Devices CVE-2022-23178信息泄露漏洞 日期: 2024-02-22 | 影响软件: Crestron Devices | PoC代码 暂无
2022年4月5日 18:05(CVE-2020-36289) Atlassian Jira Server和Data Center QueryComponentRendererValue 信息泄露漏洞
漏洞标题 (CVE-2020-36289) Atlassian Jira Server和Data Center QueryComponentRendererValue 信息泄露漏洞 漏洞描述 (CVE-2020-36289) Atlassian Jira Server和Data Center QueryComponentRen...
2020年12月22日 20:27CVE-2025-1023: ChurchCRM – SQL Injection
漏洞标题 CVE-2025-1023: ChurchCRM - SQL Injection 漏洞描述 A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary SQL queries by exploiti...
2025年5月12日 06:36CVE-2018-5233: Grav CMS <1.3.0 - Cross-Site Scripting
漏洞标题 CVE-2018-5233: Grav CMS <1.3.0 - Cross-Site Scripting 漏洞描述 Grav CMS before 1.3.0 is vulnerable to cross-site scripting via system/src/Grav/Common/Twig/Twig.php and ...
2018年2月4日 01:37CVE-2023-32315-2: Openfire身份认证绕过漏洞
漏洞标题 CVE-2023-32315-2: Openfire身份认证绕过漏洞 漏洞描述 Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's administrative console, a web...
2023年7月25日 03:33CVE-2022-33965: WordPress Visitor Statistics <=5.7 - SQL Injection
漏洞标题 CVE-2022-33965: WordPress Visitor Statistics <=5.7 - SQL Injection 漏洞描述 WordPress Visitor Statistics plugin through 5.7 contains multiple unauthenticated SQL inject...
2022年4月9日 20:52(CVE-2021-21975) vRealize Operations Manager API 请求伪造漏洞
漏洞标题 (CVE-2021-21975) vRealize Operations Manager API 请求伪造漏洞 漏洞描述 (CVE-2021-21975) vRealize Operations Manager API 请求伪造漏洞 PoC代码 暂无
2021年1月1日 13:06CVE-2025-24963: Vitest Browser Mode – Local File Read
漏洞标题 CVE-2025-24963: Vitest Browser Mode - Local File Read 漏洞描述 Vitest is a testing framework powered by Vite. The `__screenshot-error` handler on the browser mode HTTP ser...
2025年5月22日 22:12
