FE 漏洞列表
共找到 200 个与 FE 相关的漏洞
📅 加载漏洞趋势中...
- 2025-12-05飞企互联 FE 业务协作平台 servlet/webchat/attachment/1 文件读取漏洞
- POC 2025-11-21CVE-2025-12055: MPDV Mikrolab GmbH HYDRA X, MIP 2 & FEDRA 2 - Path Traversal
- 2025-11-14School Fees Payment System /student.php SQL 注入漏洞(CVE-2025-6403)
- POC 2025-11-07CVE-2025-6403: Code-Projects School Fees Payment System 1.0 - SQL Injection
- POC 2025-11-07CVE-2025-9985: Featured Image from URL (FIFU) <= 5.2.7 - Unauthenticated Information Exposure via Log File
- 2025-09-29飞企互联FE业务协作平台 ChangeBGServlet 任意文件上传漏洞
- 2025-09-28NVIDIA Triton Inference Server 未授权 命令注入漏洞
- 2025-09-26(CVE-2025-20362)思科ASA和FTD VPN Web服务器输入验证漏洞导致未授权访问受限URL
- 2025-09-26WordPress Featured Image from URL plugin信息泄露漏洞(CVE-2025-9985)
- 2025-09-04飞企互联-FE企业运营管理平台 attachment/1 存在任意文件读取
- 2025-09-01esafenet-cdgserver3-clientloginweb-rce: 亿赛通电子文档系统 ClientLoginWeb RCE
- 2025-09-01esafenet-cdgserver3-fileauditservice-rce: 亿赛通电子文档系统 FileAuditService RCE
- 2025-09-01esafenet-sql-mysql-fileread: 亿赛通未授权文件下载
- 2025-09-01feifeicms-lfr: FeiFeiCMS lfr
- 2025-09-01feiqi-parsetree-sqli: 飞企互联-FE企业运营管理平台 parseTree 接口SQL注入
- 2025-08-22飞企互联-FE企业运营管理平台 /docexchangeManage/checkGroupCode.jsp;.js SQL 注入漏洞
- 2025-08-21飞企互联 OA FEwork /remoteServlet 远程代码执行漏洞
- 2025-08-17Cisco Secure Firewall Management Center和Cisco Secure Firewall Threat Defense 操作系统命令注入漏洞
- 2025-08-08飞企互联-FE企业运营管理平台 /sys/treeXml.js SQL 注入漏洞
- 2025-08-08ESAFENET CDG /CDGServer3/parameter/HookService;logindojojs SQL 注入漏洞 (CVE-2024-10660)
- 2025-08-08飞企互联-FE企业运营管理平台 /common/efficientCodewidget39.jsp;.js SQL 注入漏洞
- 2025-08-05(CVE-2025-4604)Liferay Portal和DXP版本验证码绕过导致远程代码执行漏洞
- POC 2025-08-01CVE-2010-1478: Joomla! Component Jfeedback 1.2 - Local File Inclusion
- POC 2025-08-01CVE-2011-5265: Featurific For WordPress 1.6.2 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-10976: Safe Editor Plugin < 1.2 - CSS/JS-injection
- POC 2025-08-01CVE-2017-4011: McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting
- POC 2025-08-01CVE-2018-12634: CirCarLife Scada <4.3 - System Log Exposure
- POC 2025-08-01CVE-2018-16668: CirCarLife <4.3 - Improper Authentication
- POC 2025-08-01CVE-2018-16670: CirCarLife <4.3 - Improper Authentication
- POC 2025-08-01CVE-2018-16671: CirCarLife <4.3 - Improper Authentication
- POC 2025-08-01CVE-2019-9632: ESAFENET CDG - Arbitrary File Download
- POC 2025-08-01CVE-2020-16139: Cisco Unified IP Conference Station 7937G - Denial-of-Service
- POC 2025-08-01CVE-2020-24148: Import XML & RSS Feeds WordPress Plugin <= 2.0.1 Server-Side Request Forgery
- POC 2025-08-01CVE-2020-26919: NETGEAR ProSAFE Plus - Unauthenticated Remote Code Execution
- POC 2025-08-01CVE-2020-3452: Cisco Adaptive Security Appliance (ASA)/Firepower Threat Defense (FTD) - Local File Inclusion
- POC 2025-08-01CVE-2020-7318: McAfee ePolicy Orchestrator <5.10.9 Update 9 - Cross-Site Scripting
- POC 2025-08-01CVE-2020-7961: Liferay Portal Unauthenticated < 7.2.1 CE GA2 - Remote Code Execution
- POC 2025-08-01CVE-2021-24762: WordPress Perfect Survey <1.5.2 - SQL Injection
- POC 2025-08-01CVE-2021-25055: WordPress FeedWordPress < 2022.0123 - Authenticated Cross-Site Scripting
- POC 2025-08-01CVE-2021-25065: Smash Balloon Social Post Feed < 4.1.1 - Authenticated Reflected Cross-Site Scripting
- POC 2025-08-01CVE-2021-25120: Easy Social Feed < 6.2.7 - Cross-Site Scripting
- POC 2025-08-01CVE-2022-1910: WordPress Shortcodes and Extra Features for Phlox <2.9.8 - Cross-Site Scripting
- POC 2025-08-01CVE-2022-1937: WordPress Awin Data Feed <=1.6 - Cross-Site Scripting
- POC 2025-08-01CVE-2022-2383: WordPress Feed Them Social <3.0.1 - Cross-Site Scripting
- POC 2025-08-01CVE-2022-29009: Cyber Cafe Management System 1.0 - SQL Injection
- POC 2025-08-01CVE-2022-29383: NETGEAR ProSafe SSL VPN firmware - SQL Injection
- POC 2025-08-01CVE-2022-33901: WordPress MultiSafepay for WooCommerce <=4.13.1 - Arbitrary File Read
- POC 2025-08-01CVE-2022-42118: Liferay Portal - Cross-site Scripting
- POC 2025-08-01CVE-2023-34362: MOVEit Transfer - Remote Code Execution
- POC 2025-08-01CVE-2023-36934: MOVEit Transfer - SQL Injection
- POC 2025-08-01CVE-2023-40752: PHPJabbers Make an Offer Widget v1.0 - Cross-Site Scripting
- POC 2025-08-01CVE-2023-4521: Import XML and RSS Feeds < 2.1.5 - Unauthenticated RCE
- POC 2025-08-01CVE-2023-5089: Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)
- POC 2025-08-01CVE-2024-45488: SafeGuard for Privileged Passwords < 7.5.2 - Authentication Bypass
- POC 2025-08-01CVE-2025-1661: HUSKY – Products Filter Professional for WooCommerce <= 1.3.6.5 - Unauthenticated Local File Inclusion
- POC 2025-08-01CVE-2025-4388: Liferay Portal - Cross-Site Scripting
- POC 2025-08-01CVE-2018-12634: CirCarLife Scada <4.3 - System Log Exposure
- POC 2025-08-01CVE-2018-16668: CirCarLife <4.3 - Improper Authentication
- POC 2025-08-01CVE-2018-16670: CirCarLife <4.3 - Improper Authentication
- POC 2025-08-01CVE-2018-16671: CirCarLife <4.3 - Improper Authentication
- POC 2025-08-01CVE-2020-7961: Liferay Portal RCE 反序列化命令执行漏洞
- POC 2025-08-01secure-transfeross-disabled: Secure Transfer for OSS Buckets - Disabled
- POC 2025-08-01aem-felix-console: Adobe Experience Manager Felix Console - Default Login
- POC 2025-08-01azure-defender-auto-provisioning-disabled: Azure Defender for Cloud Automatic Provisioning Disabled
- POC 2025-08-01azure-storage-secure-transfer: Azure Storage Secure Transfer Not Enabled
- POC 2025-08-01circarlife-installer: CirCarLife - Installer
- POC 2025-08-01feiqi-fe-showimageservlet-fileread: 飞企互联 FE业务协作平台 ShowImageServlet 任意文件读取漏洞
- POC 2025-08-01feiqi-uploadattachmentservlet-fileupload: 飞企互联-FE企业运营管理平台uploadAttachmentServlet接口存在任意文件上传漏洞
- POC 2025-08-01hanming-video-conferencing-file-read: Hanming Video Conferencing File Read
- POC 2025-08-01dns-zone-transfer-any: DNS Zone Transfer Allowed to Any Host
- POC 2025-08-01dns-zone-transfer-check: DNS Zone Transfer Check
- POC 2025-08-01safe-dll-search-mode-disabled: Safe DLL Search Mode Disabled
- POC 2025-08-01windows-defender-realtime-protection-disabled: Windows Defender Real-Time Protection Disabled
- POC 2025-08-01buzzfeed-mango-csp-bypass: Content-Security-Policy Bypass - BuzzFeed Mango
- POC 2025-08-01wanhu-oa-tele-conference-service-xxe: 万户OA TeleConferenceService XXE注入漏洞
- POC 2025-08-01yonyou-fe-templateoftaohong-manager-path-traversal: 用友 FE协作办公平台 templateOfTaohong_manager.jsp 目录遍历漏洞
- POC 2025-08-01CNVD-2023-96945: McVie Safety Digital Management Platform - Arbitrary File Upload
- POC 2025-08-01aem-felix-console: Adobe Experience Manager Felix Console - Default Login
- POC 2025-08-01esafenet-cdg-default-login: Esafenet CDG - Default Login
- POC 2025-08-01feiyuxing-default-login: Feiyuxing Enterprise-Level Management System - Default Login
- POC 2025-08-01joomla-manifest-file: Joomla! Manifest File - Disclosure
- POC 2025-08-01circarlife-installer: CirCarLife - Installer
- POC 2025-08-01liferay-jsonws: Liferay /api/jsonws - API Exposed
- POC 2025-08-01springboot-features: Detects Springboot Features Actuator
- POC 2025-08-01dlink-netgear-xss: Dlink DSR-250 and Netgear Prosafe - Cross-Site Scripting
- POC 2025-08-01esafenet-mysql-fileread: Esafenet CDG mysql - File Read
- POC 2025-08-01esafenet-netsecconfigajax-sqli: Esafenet CDG NetSecConfigAjax - Sql Injection
- POC 2025-08-01esafenet-noticeajax-sqli: Esafenet CDG NoticeAjax - Sql Injection
- POC 2025-08-01liferay-resource-leak: Liferay - Local File Inclusion
- POC 2025-08-01feifeicms-lfr: FeiFeiCms - Local File Inclusion
- POC 2025-08-01goanywhere-mft-log4j-rce: GoAnywhere Managed File Transfer - Remote Code Execution (Apache Log4j)
- POC 2025-08-01hanming-lfr: Hanming Video Conferencing - Local File Inclusion
- POC 2025-08-01mcafee-epo-rce: McAfee ePolicy Orchestrator - Arbitrary File Upload
- POC 2025-08-01wanhu-teleconferenceservice-xxe: Wanhu OA TeleConferenceService Interface - XML External Entity Injection
- POC 2025-08-01wordpress-wordfence-lfi: WordPress Wordfence 7.4.5 - Local File Inclusion
- POC 2025-08-01wordpress-wordfence-waf-bypass-xss: Wordpress Wordfence - Cross-Site Scripting
- POC 2025-08-01wordpress-wordfence-xss: WordPress Wordfence 7.4.6 - Cross0Site Scripting
- POC 2025-08-01yonyou-fe-directory-traversal: FE collaborative Office templateOfTaohong_manager.jsp - Path Traversal
- 2025-07-14飞企互联FE企业运营管理平台 publicData.jsp 存在SQL注入漏洞
- 2025-07-09用友FE协同平台 /common/uploadFile.jsp 文件上传漏洞
- 2025-07-03飞企互联-FE企业运营管理平台 ChangeBGServlet 远程命令执行漏洞
- 2025-06-10(CVE-2025-4577)Smash Balloon Social Post Feed插件存储型跨站脚本漏洞
- 2025-05-17(CVE-2025-4391)Echo RSS Feed Post Generator插件任意文件上传漏洞
- 2025-05-15LiferayPortal存在反射xss漏洞(CVE-2025-4388)
- 2025-05-07(CVE-2025-4388)Liferay Portal及DXP反射型跨站脚本漏洞
- 2025-04-19IBM Storage Defender 加密问题漏洞
- 2025-04-12Elastic Defend 日志信息泄露漏洞
- 2025-04-08(CVE-2025-3402)Seeyon致远互联FE协同办公平台5.5.2 /sysform/042/check.js%70参数Name SQL注入漏洞
- 2025-03-14致远互联FE协同办公平台 /security/addUser.jsp SQL 注入漏洞
- 2025-03-10致远互联FE addUser.jsp 存在SQL注入漏洞
- 2025-03-06EsafeNet CDG 注入漏洞
- 2025-02-12致远互联FE协作办公平台 loadInforData.jsp SQL注入漏洞
- 2025-02-12Apache Felix Webconsole 跨站脚本漏洞
- 2025-01-16Microsoft Active Directory Federation Services 跨站请求伪造漏洞
- 2025-01-13WordPress plugin Perfect Portal Widgets 跨站脚本漏洞
- 2024-12-20IBM Security Guardium Key Lifecycle Manager 日志信息泄露漏洞
- 2024-12-20IBM Storage Defender 信任管理问题漏洞
- 2024-11-28飞企互联FE协作平台 ProxyServletUti SSRF漏洞
- 2024-11-15飞企互联-FE企业运营管理平台 /submitLogin 默认口令漏洞
- 2024-11-08飞企互联-FE企业运营管理平台 /oaerp/ui/common/publicData.js%70 SQL 注入漏洞
- 2024-11-02EsafeNet CDG SQL注入漏洞
- 2024-11-02ESAFENET CDG SQL注入漏洞
- 2024-11-02EsafeNet CDG SQL注入漏洞
- 2024-11-02EsafeNet CDG SQL注入漏洞
- 2024-11-01飞企互联-FE企业运营管理平台 权限绕过漏洞
- 2024-11-01飞企互联 FE 业务协作平台 /ProxyServletUtil 文件读取漏洞
- 2024-11-01致远互联FE协作办公平台 /codeMoreWidget.js%70 SQL 注入漏洞
- 2024-11-01EsafeNet CDG SQL注入漏洞
- 2024-11-01ESAFENET CDG SQL注入漏洞
- 2024-11-01ESAFENET CDG SQL注入漏洞
- 2024-09-27飞企互联FE企业运营管理平台 /common_sort_tree.jsp 代码执行漏洞
- 2024-08-28用友FE协同平台存在文件上传漏洞
- 2024-08-16万户OA TeleConferenceService XXE漏洞
- 2024-08-13万户OA TeleConferenceService XXE漏洞
- 2024-08-09迪康Defender电子文档某上传接口存在 安全管理系统文件上传漏洞
- 2024-08-01飞企互联 FE 业务协作平台 OfficeServer.jsp存在远程命令执行漏洞
- 2024-07-29飞企互联 FE企业运营管理平台 checkGroupCode.jsp SQL注入漏洞
- 2024-07-29飞企互联 FE企业运营管理平台 ProxyServletUtil 任意文件读取漏洞
- 2024-07-29飞企互联FE企业运营管理平台uploadAttachmentServlet文件上传漏洞
- 2024-07-27飞企互联 FE企业运营管理平台 publicData.jsp SQL注入漏洞
- 2024-07-27飞企互联FE企业运营管理平台treeXml.jsp SQL注入漏洞
- 2024-07-27飞企互联FE企业运营管理平台ajax_codewidget39.jsp SQL注入漏洞
- 2024-07-26天问ERP ParkingFeelFileDownLoad 任意文件读取漏洞
- 2024-07-25飞企互联FE efficientCodewidget39 sql注入漏洞
- 2024-07-12致远互联FE协作办公平台 apprvaddNew SQL注入漏洞
- 2024-07-10Netgear ProSafe 防火墙 SQL 注入漏洞
- 2024-06-27Progress MOVEit Transfer 身份验证绕过漏洞
- 2024-06-26飞企互联-FE企业运营管理平台 efficientCodewidget39.jsp 存在SQL注入漏洞
- 2024-06-25飞企互联-FE企业运营管理平台 ajax_codewidget39 存在SQL注入漏洞
- 2024-06-25飞企互联-FE企业运营管理平台 checkGroupCode 存在SQL注入漏洞
- 2024-06-21Microsoft Office WordPerfect栈溢出漏洞
- 2024-06-14飞企互联-FE企业运营管理平台 treeXml.jsp SQL注入漏洞
- 2024-06-13致远互联FE ncsubjass 存在SQL注入漏洞
- 2024-06-07FE协作办公平台 /common/uploadFile.jsp 任意文件上传漏洞
- 2024-05-31铭飞CMS /cms/content/list.do 接口 sqlWhere 参数 SQL 注入漏洞(CNVD-2024-06148)
- 2024-05-31致远互联FE协作办公平台 SQL注入漏洞
- 2024-05-24飞企互联-FE企业运营管理平台 /servlet/uploadAttachmentServlet 文件上传漏洞
- 2024-05-23Netgear ProSAFE CVE-2023-38098 fileUpload.do任意文件上传漏洞
- 2024-05-23Netgear ProSAFE NMS300 image.do目录遍历漏洞
- 2024-05-20Triton Inference Server 远程代码执行漏洞
- 2024-05-17NETGEAR ProSAFE网络管理系统SQL注入漏洞
- 2024-05-17Netgear ProSAFE fileUpload.do任意文件上传漏洞
- 2024-05-17Netgear ProSAFE Network Management System 跨站脚本漏洞
- 2024-05-17Netgear ProSAFE NMS CVE-2023-38095 任意文件上传漏洞
- 2024-05-17Netgear ProSAFE NMS300 getNodesByTopologyMapSearch SQL注入漏洞
- 2024-04-29飞企互联-FE企业运营管理平台 downLoadFiles.js 存在任意文件下载漏洞
- 2024-04-23用友FE协作办公平台 templateOfTaohong_manager.jsp 目录遍历漏洞
- 2024-04-18博飞电子Perfect系统任意文件读取
- 2024-04-11Progress MOVEit Transfer SILCertToUser SQL注入漏洞
- 2024-04-10飞企互联-FE企业运营管理平台 remoteServlet 远程命令执行漏洞
- 2024-04-10飞企互联-FE企业运营管理平台 uploadAttachmentServlet 任意文件上传漏洞
- 2024-04-08飞企互联OA FEwork remoteServlet存在命令执行漏洞
- 2024-04-08飞企互联OA FEwork ChangeBGServlet存在命令执行漏洞
- 2024-04-07飞企互联 FE 业务协作平台 backgroupport存在远程命令执行漏洞
- 2024-03-22飞企互联-FE企业运营管理平台 uploadAttachmentServlet 存在任意文件上传
- 2024-03-19Liferay Portal存在未授权命令执行(CVE-2020-7961)
- 2024-03-15致远互联-FE协作办公平台 uploadAccessory.jsp 文件上传漏洞
- 2024-03-15飞企互联-FE企业运营管理平台 proxyservletutil 任意文件读取漏洞
- 2024-03-01Thales SafeNet Sentinel HASP LDK本地提权漏洞(CVE-2024-0197)
- 2024-02-29飞企互联 FE企业运营管理平台 loginService 任意登陆漏洞
- 2024-02-29飞企互联 FE企业运营管理平台 SYS_LINK 任意登陆漏洞
- 2024-02-22BACKCLICK Professional 远程代码执行漏洞
- 2024-02-22C-DATA ONU4FERW CVE-2021-44132命令执行漏洞
- 2024-02-22Active Directory Federation Services权限提升漏洞
- 2024-02-07Progress MOVEit Transfer moveitisapi SQL注入漏洞
- 2024-02-07Progress MOVEit Transfer FolderListRecursive SQL注入漏洞
- 2024-02-07Progress MOVEit Transfer X-siLock-FileID SQL注入漏洞
- 2024-02-07锐捷 networksafe.php 远程代码执行漏洞
- 2024-02-07Progress MOVEit Transfer UserEngine UserCheckClientCert SQL注入漏洞
- 2024-01-30飞企互联FE业务协作平台未授权访问
- 2024-01-03飞企互联 FE 业务协作平台 ProxyServletUti 文件读取漏洞
- 2023-12-15WordPress Plugin Ads by datafeedr.com 跨站脚本漏洞
- 2023-12-11致远互联FE协作办公平台存在sql注入
- 2023-10-08飞企互联-FE企业运营管理平台存在认证绕过漏洞
- 2023-09-11飞企互联FE企业运营管理平台 存在任意文件下载漏洞
- 2023-08-23飞企互联 FE 业务协作平台远程命令执行漏洞
- 2023-08-20用友FE协同办公平台 /security/addUser.jsp 未授权访问漏洞
- 2023-08-20用友FE协同办公平台 system-bean.xm 信息泄露漏洞
- 2023-08-11飞企互联 FE 业务协作平台 magePath 参数文件读取漏洞
- 2023-08-10飞企互联 FE 业务协作平台 ShowImageServlet 文件 magePath 参数文件读取漏洞