排序
CVE-2025-32814: NetMRI Unauthenticated SQL Injection via skipjackUsername
漏洞标题 CVE-2025-32814: NetMRI Unauthenticated SQL Injection via skipjackUsername 漏洞描述 An issue was discovered in Infoblox NETMRI before 7.6.1. Unauthenticated SQL Injection c...
2025年8月2日 01:39Apache Struts2-输入验证漏洞(S2-057)(CVE-2018-11776)
漏洞标题 Apache Struts2-输入验证漏洞(S2-057)(CVE-2018-11776) 漏洞描述 【漏洞对象】Apache Struts 2 【涉及版本】2.3-2.3.34,2.5-2.5.16 【漏洞描述】软件存在输入验证漏洞,远程攻击者可...
2018年5月13日 22:42CVE-2023-5074: D-Link D-View 8 v2.0.1.28 – Authentication Bypass
漏洞标题 CVE-2023-5074: D-Link D-View 8 v2.0.1.28 - Authentication Bypass 漏洞描述 Use of a static key to protect a JWT token used in user authentication can allow an for an authen...
2023年8月31日 15:49CVE-2022-24260: VoipMonitor – Pre-Auth SQL Injection
漏洞标题 CVE-2022-24260: VoipMonitor - Pre-Auth SQL Injection 漏洞描述 A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows attackers to escalate privileges to the...
2022年5月14日 09:24CVE-2021-27748: IBM WebSphere HCL Digital Experience – Server-Side Request Forgery
漏洞标题 CVE-2021-27748: IBM WebSphere HCL Digital Experience - Server-Side Request Forgery 漏洞描述 IBM WebSphere HCL Digital Experience is vulnerable to server-side request forge...
2021年2月13日 18:15CVE-2025-6174: WordPress Qwizcards < 3.95 - Cross-Site Scripting (Reflected)
漏洞标题 CVE-2025-6174: WordPress Qwizcards < 3.95 - Cross-Site Scripting (Reflected) 漏洞描述 The WordPress Qwizcards plugin before version 3.95 does not sanitise and escape th...
2025年8月14日 21:51Apache OFBiz CVE-2018-8033 XML外部实体注入漏洞
漏洞标题 Apache OFBiz CVE-2018-8033 XML外部实体注入漏洞 漏洞描述 Apache OFBiz存在XML外部实体注入漏洞,此漏洞是由于httpService接口对用户的请求验证不当导致的。 PoC代码 暂无
2018年5月25日 16:04CVE-2023-27482: Home Assistant Supervisor – Authentication Bypass
漏洞标题 CVE-2023-27482: Home Assistant Supervisor - Authentication Bypass 漏洞描述 Home Assistant Supervisor is an open source home automation tool. A remotely exploitable vulnera...
2023年9月6日 00:07CVE-2022-31101: Prestashop Blockwishlist 2.1.0 SQL Injection
漏洞标题 CVE-2022-31101: Prestashop Blockwishlist 2.1.0 SQL Injection 漏洞描述 Prestashop Blockwishlist module version 2.1.0 suffers from a remote authenticated SQL injection vulne...
2022年5月21日 10:29CVE-2021-26247: Cacti – Cross-Site Scripting
漏洞标题 CVE-2021-26247: Cacti - Cross-Site Scripting 漏洞描述 Cacti contains a cross-site scripting vulnerability via "http://<CACTI_SERVER>/auth_changepassword.php?ref...
2021年2月18日 17:35CVE-2025-46818: Redis Lua Sandbox < 8.2.2 - Cross-User Escape
漏洞标题 CVE-2025-46818: Redis Lua Sandbox < 8.2.2 - Cross-User Escape 漏洞描述 Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow...
2025年8月27日 19:49CVE-2018-7314: Joomla! Component PrayerCenter 3.0.2 – SQL Injection
漏洞标题 CVE-2018-7314: Joomla! Component PrayerCenter 3.0.2 - SQL Injection 漏洞描述 SQL Injection exists in the PrayerCenter 3.0.2 component for Joomla! via the sessionid paramet...
2018年6月9日 09:24CVE-2023-2256: WordPress Product Addons & Fields for WooCommerce < 32.0.7 - Cross-Site Scripting
漏洞标题 CVE-2023-2256: WordPress Product Addons & Fields for WooCommerce < 32.0.7 - Cross-Site Scripting 漏洞描述 The Product Addons & Fields for WooCommerce WordPress ...
2023年9月12日 20:22CVE-2022-1162: GitLab CE/EE – Hard-Coded Credentials
漏洞标题 CVE-2022-1162: GitLab CE/EE - Hard-Coded Credentials 漏洞描述 GitLab CE/EE contains a hard-coded credentials vulnerability. A hardcoded password was set for accounts regis...
2022年5月26日 07:28CVE-2021-21287: MinIO Browser API – Server-Side Request Forgery
漏洞标题 CVE-2021-21287: MinIO Browser API - Server-Side Request Forgery 漏洞描述 MinIO Browser API before version RELEASE.2021-01-30T00-20-58Z contains a server-side request forge...
2021年2月24日 17:15CVE-2025-56819: Datart v1.0.0-rc.3 – Remote Code Execution
漏洞标题 CVE-2025-56819: Datart v1.0.0-rc.3 - Remote Code Execution 漏洞描述 Datart v1.0.0-rc.3 contains a vulnerability that allows remote attackers to execute arbitrary code via ...
2025年9月9日 04:29
