Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

漏洞数据库 - AI 增强中文 CVE 平台 与情报

浏览 165+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。

Clear Filters
Found 165 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-6651 erponline.xyz ERP Online Inventory Edit Item cross site scripting erponline.xyzERP Online Low 2.4 2026-04-20 14:45:12 Deep Dive
CVE-2026-34256 Missing Authorization check in SAP ERP and SAP S/4 HANA (Private Cloud and On-Premise) SAP_SESAP ERP and SAP S/4 HANA (Private Cloud and On-Premise) High 7.1 2026-04-14 00:08:27 Deep Dive
CVE-2019-25710 Dolibarr ERP-CRM 8.0.4 SQL Injection via rowid Parameter DolibarrDolibarr ERP-CRM High 8.2 2026-04-12 12:28:55 Deep Dive
CVE-2019-25707 eBrigade ERP 4.5 SQL Injection via pdf.php EbrigadeeBrigade ERP High 7.1 2026-04-12 12:28:53 Deep Dive
CVE-2026-39393 Post-Installation Re-entry via Cache-Dependent Install Guard Bypass in ci4ms ci4-cms-erpci4ms High 8.1 2026-04-08 14:31:45 Deep Dive
CVE-2026-39389 CI4MS has a Hidden Items Authorization Bypass in Fileeditor Allows Reading Secrets and Writing Protected Files ci4-cms-erpci4ms Medium 6.7 2026-04-08 14:28:30 Deep Dive
CVE-2026-22666 Dolibarr ERP/CRM < 23.0.2 Authenticated RCE via dol_eval_standard() DolibarrDolibarr ERP/CRM High 7.2 2026-04-07 12:41:31 Deep Dive
CVE-2026-35035 CI4MS Company Information Public-Facing Page Full Platform Compromise & Full Account Takeover for All Roles & Privilege-Escalation via System Settings Company Information Stored DOM XSS ci4-cms-erpci4ms High 7.2 2026-04-06 16:49:10 Deep Dive
CVE-2026-34989 CI4MS affected by Profile & User Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS ci4-cms-erpci4ms--2026-04-06 16:25:54 Deep Dive
CVE-2026-34572 CI4MS: Account Deactivation Module Full Persistent Unauthorized Access for All‑Roles via Improper Session Invalidation (Logic Flaw) ci4-cms-erpci4ms High 8.8 2026-04-01 21:35:11 Deep Dive
CVE-2026-34571 CI4MS: Stored Cross‑Site Scripting (Stored XSS) in Backend User Management Allows Session Hijacking and Full Administrative Account Compromise ci4-cms-erpci4ms Critical 9.9 2026-04-01 21:32:17 Deep Dive
CVE-2026-34570 CI4MS: Account Deletion Module Full Persistent Unauthorized Access for All‑Roles via Improper Session Invalidation (Logic Flaw) ci4-cms-erpci4ms High 8.8 2026-04-01 21:30:31 Deep Dive
CVE-2026-34569 CI4MS: Blogs Categories Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS ci4-cms-erpci4ms Critical 9.9 2026-04-01 21:29:34 Deep Dive
CVE-2026-34568 CI4MS: Blogs Posts Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS ci4-cms-erpci4ms Critical 9.1 2026-04-01 21:28:56 Deep Dive
CVE-2026-34567 CI4MS: Blogs Posts (Categories) Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS ci4-cms-erpci4ms Critical 9.1 2026-04-01 21:28:24 Deep Dive
CVE-2026-34566 CI4MS: Pages Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS ci4-cms-erpci4ms Critical 9.1 2026-04-01 21:27:01 Deep Dive
CVE-2026-34565 CI4MS: Menu Management (Posts) Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS ci4-cms-erpci4ms Critical 9.1 2026-04-01 21:26:22 Deep Dive
CVE-2026-34564 CI4MS: Menu Management (Pages) Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS ci4-cms-erpci4ms Critical 9.1 2026-04-01 21:25:53 Deep Dive
CVE-2026-34563 CI4MS: Backup Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM Blind XSS ci4-cms-erpci4ms Critical 9.1 2026-04-01 21:25:14 Deep Dive
CVE-2026-34562 CI4MS: System Settings (Company Information) Full Platform Compromise & Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS ci4-cms-erpci4ms Medium 4.7 2026-04-01 21:23:42 Deep Dive