Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 828 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-40748 [20250102] - Core - XSS vector in the id attribute of menu lists Joomla! ProjectJoomla! CMS 高危 -2025-01-07 16:22:01 Deep Dive
CVE-2025-22556 WordPress Norse Rune Oracle plugin <= 1.4.2 - CSRF to Stored XSS vulnerability WP CMS NinjaNorse Rune Oracle Plugin High 7.1 2025-01-07 14:57:15 Deep Dive
CVE-2024-12907 XSS in Kentico 7 KenticoKentico CMS 中危 -2025-01-02 15:59:13 Deep Dive
CVE-2024-47920 Tiki Wiki CMS – CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Tiki WikiCMS High 7.5 2024-12-30 09:46:11 Deep Dive
CVE-2024-47919 Tiki Wiki CMS – CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Tiki WikiCMS Critical 9.8 2024-12-30 09:43:39 Deep Dive
CVE-2024-47918 Tiki Wiki CMS – CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Tiki WikiCMS Medium 6.1 2024-12-30 09:41:53 Deep Dive
CVE-2024-13022 taisan tarzan-cms Article Management UploadController.java UploadResponse unrestricted upload taisantarzan-cms Medium 6.3 2024-12-29 20:00:13 Deep Dive
CVE-2024-56145 RCE when PHP `register_argc_argv` config setting is enabled in craftcms/cms craftcmscms 超危 -2024-12-18 20:37:34 Deep Dive
CVE-2024-12482 cjbi wetech-cms Database Backup BackupFileUtil.java backup path traversal cjbiwetech-cms Medium 4.3 2024-12-11 19:31:07 Deep Dive
CVE-2024-12481 cjbi wetech-cms UserDao.java findUser sql injection cjbiwetech-cms Medium 6.3 2024-12-11 19:31:05 Deep Dive
CVE-2024-12480 cjbi wetech-cms TopicDao.java searchTopic sql injection cjbiwetech-cms Medium 6.3 2024-12-11 19:00:17 Deep Dive
CVE-2024-12479 cjbi wetech-cms TopicDao.java searchTopicByKeyword sql injection cjbiwetech-cms Medium 6.3 2024-12-11 18:31:05 Deep Dive
CVE-2024-11992 Path traversal vulnerability in Quick.CMS Quick.CMSQuick.CMS Critical 9.1 2024-11-29 13:06:30 Deep Dive
CVE-2024-11406 Stored XSS in django CMS Attributes Fields django CMS Associationdjango CMS Attributes Fields Medium 6.9 2024-11-20 12:00:27 Deep Dive
CVE-2024-11404 File Upload Bypass in django Filer django CMS Associationdjango Filer Medium 5.5 2024-11-20 11:55:25 Deep Dive
CVE-2024-52600 Statamic CMS has Path Traversal in Asset Upload statamiccms Medium 5.3 2024-11-19 16:30:12 Deep Dive
CVE-2024-11319 Stored XSS in Open Source Project "django-cms" django CMS Associationdjango-cms Medium 4.8 2024-11-18 11:53:04 Deep Dive
CVE-2024-52291 Craft has a Local File System Validation Bypass Leading to File Overwrite, Sensitive File Access, and Potential Code Execution craftcmscms High 8.4 2024-11-13 16:12:15 Deep Dive
CVE-2024-52292 Craft Allows Attackers to Read Arbitrary System Files craftcmscms High 7.7 2024-11-13 16:08:33 Deep Dive
CVE-2024-52293 Craft has a Potential Remote Code Execution via missing path normalization & Twig SSTI craftcmscms High 7.2 2024-11-13 16:04:52 Deep Dive