漏洞标题 CVE-2022-36804: Atlassian Bitbucket - Remote Command Injection 漏洞描述 Atlassian Bitbucket Server and Data Center is susceptible to remote command injection. Multiple API...

漏洞标题 CVE-2021-39141: XStream 1.4.18 - Remote Code Execution 漏洞描述 XStream 1.4.18 is susceptible to remote code execution. An attacker can execute commands of the host by man...

漏洞标题 CVE-2019-12988: Citrix SD-WAN Center - Remote Command Injection 漏洞描述 Citrix SD-WAN Center is susceptible to remote command injection via the addModifyZTDProxy function...

漏洞标题 CVE-2024-3850: Uniview NVR301-04S2-P4 - Cross-Site Scripting 漏洞描述 Uniview NVR301-04S2-P4 contains a reflected cross-site scripting vulnerability via the PATH of LAPI. ...

漏洞标题 CVE-2014-4940: WordPress Plugin Tera Charts - Local File Inclusion 漏洞描述 Multiple local file inclusion vulnerabilities in Tera Charts (tera-charts) plugin 0.1 for WordP...

漏洞标题 CVE-2022-45038: WBCE CMS v1.5.4 - Cross Site Scripting (Stored) 漏洞描述 A cross-site scripting (XSS) vulnerability in /admin/settings/save.php of WBCE CMS v1.5.4 allows a...

漏洞标题 CVE-2021-22175: GitLab CI Lint API - Server-Side Request Forgery 漏洞描述 GitLab 10.5 and later contain a server-side request forgery caused by insecure handling of webhoo...

漏洞标题 CVE-2019-11869: WordPress Yuzo <5.12.94 - Cross-Site Scripting 漏洞描述 WordPress Yuzo Related Posts plugin before 5.12.94 is vulnerable to cross-site scripting because...

漏洞标题 CVE-2024-1183: Gradio - Server Side Request Forgery 漏洞描述 An SSRF (Server-Side Request Forgery) vulnerability exists in the gradio-app/gradio repository, allowing attac...

漏洞标题 CVE-2015-5531: Elasticsearch CVE-2015-5531 漏洞描述 Elasticsearch before 1.4.4 allows remote attackers to read arbitrary files via a crafted request to the head plugin. Po...

漏洞标题 CVE-2022-32770: WWBN AVideo 11.6 - Cross-Site Scripting 漏洞描述 WWBN AVideo 11.6 contains a cross-site scripting vulnerability in the footer alerts functionality via the ...

漏洞标题 CVE-2021-24940: WordPress Persian Woocommerce <=5.8.0 - Cross-Site Scripting 漏洞描述 WordPress Persian Woocommerce plugin through 5.8.0 contains a cross-site scripting...

漏洞标题 CVE-2020-2096: Jenkins Gitlab Hook <=1.4.2 - Cross-Site Scripting 漏洞描述 Jenkins Gitlab Hook 1.4.2 and earlier does not escape project names in the build_now endpoint...

漏洞标题 CVE-2024-34351: Next.js - Server Side Request Forgery (SSRF) 漏洞描述 Next.Js, inferior to version 14.1.1, have its image optimization built-in component prone to SSRF. Po...

漏洞标题 CVE-2015-1579: WordPress Slider Revolution - Local File Disclosure 漏洞描述 Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote ...

漏洞标题 CVE-2022-0597: Microweber < 1.2.11 - Open Redirection 漏洞描述 Open Redirect in Packagist microweber/microweber prior to 1.2.11. PoC代码