CVE-2026-7465

The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.19.25. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server...

ThinkPHP 5.x Remote Code Execution

Exploit Title: ThinkPHP 5.x v5.0.23,v5.1.31 Remote Code Execution Date: 2018-12-11 Exploit Author: VulnSpy Vendor Homepage: https://thinkphp.cn Software Link: https://github.com/top-think/framework/ Version: v5.x below v5.0.23,v5.1.31 CVE: N/A Exploit...

WordPress Plugin Marketplace 2.4.0 - Arbitrary File Download

WordPress Plugin Marketplace 2.4.0 - Arbitrary File Download Exploit Title: WP Marketplace 2.4.0 Arbitrary File Download Date: 26-10-2014 Software Link: https://wordpress.org/plugins/wpmarketplace/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website:...

知道key的情况下对ucserver进行注射

简要描述： 因为帮finger解决问题，无意中看到的漏洞。 怎么拿到key要问finger。 详细说明： 在/ucserver/control/feed.php内有一段代码： function onadd $this-load'misc'; $appid = intval$this-input'appid'; $icon = $this-input'icon'; $uid = intval$this-input'uid'; $username = $this-input'username'; $bodydata =...