漏洞列表 - 漏洞数据展示平台

快速搜索提示： 按厂商查询（如：microsoft）| 按产品查询（如：microsoft sql_server）

搜索关键词支持模糊搜索，但速度较慢

严重程度

数据源

排序

常用厂商： microsoft cisco google apple oracle

示例： microsoft sql_server cisco ios apache http_server

漏洞列表 355738

CVE ID	标题	严重程度	CVSS	发布时间	受影响产品	数据源
CVE-2024-44662	PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the username parameter in t...	MEDIUM	6.5	2025-11-17	phpgurukul online_shopping_portal	CVE NVD
CVE-2024-44663	PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the product parameter in se...	MEDIUM	6.5	2025-11-17	phpgurukul online_shopping_portal	CVE NVD
CVE-2024-44664	PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the name, summary, review, ...	MEDIUM	6.5	2025-11-17	phpgurukul online_shopping_portal	CVE NVD
CVE-2024-46334	kashipara School Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the formuser ...	MEDIUM	6.1	2025-11-17	kashipara school_management_system	CVE NVD
CVE-2024-46335	PHPGurukul Complaint Management System 2.0 is vulnerble to Cross Site Scripting (XSS) via the fromda...	MEDIUM	4.6	2025-11-17	phpgurukul complaint_management_system	CVE NVD
CVE-2024-46336	kashipara School Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via /client_user/...	MEDIUM	6.1	2025-11-17	kashipara school_management_system	CVE NVD
CVE-2025-63292	Freebox v5 HD (firmware = 1.7.20), Freebox v5 Crystal (firmware = 1.7.20), Freebox v6 Révolution r1–...	LOW	3.5	2025-11-17	freebox v5_hd_firmware freebox v5_crystal_firmware +3个	CVE NVD
CVE-2025-63708	Cross-Site Scripting (XSS) vulnerability exists in SourceCodester AI Font Matcher (nid=18425, 2025-1...	MEDIUM	6.1	2025-11-17	remyandrade ai_font_matcher	CVE NVD
CVE-2025-63747	QaTraq 6.9.2 ships with administrative account credentials which are enabled in default installation...	CRITICAL	9.8	2025-11-17	testmanagement qatraq	CVE NVD
CVE-2025-63748	QaTraq 6.9.2 allows authenticated users to upload arbitrary files via the "Add Attachment" feature i...	HIGH	8.8	2025-11-17	testmanagement qatraq	CVE NVD
CVE-2025-63916	MyScreenTools v2.2.1.0 contains a critical OS command injection vulnerability in the GIF compression...	HIGH	8.1	2025-11-17	luotengyuan myscreentools	CVE NVD
CVE-2025-63917	PDFPatcher thru 1.1.3.4663 executable's XML bookmark import functionality does not restrict XML exte...	HIGH	7.1	2025-11-17	cnblogs pdfpatcher	CVE NVD
CVE-2025-63918	PDFPatcher executable does not validate user-supplied file paths, allowing directory traversal attac...	MEDIUM	6.2	2025-11-17	cnblogs pdfpatcher	CVE NVD
CVE-2025-64046	OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /system/update-run.php.	MEDIUM	6.1	2025-11-17	openrapid rapidcms	CVE NVD
CVE-2025-65073	OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request ...	HIGH	7.5	2025-11-17	OpenStack Keystone OpenStack Keystone	CVE NVD
CVE-2025-65083	GoSign Desktop through 2.4.1 disables TLS certificate validation when configured to use a proxy serv...	LOW	3.2	2025-11-17	Tinexta Infocert GoSign Desktop	CVE NVD
CVE-2025-13253	projectworlds Advanced Library Management System add_librarian.php sql injection	MEDIUM	5.3	2025-11-16	projectworlds Advanced Library Management System projectworlds advanced_library_management_system	CVE NVD
CVE-2025-13252	shsuishang ShopSuite ModulithShop RSA/OAuth2/Database hard-coded credentials	MEDIUM	6.9	2025-11-16	shsuishang ShopSuite ModulithShop	CVE NVD
CVE-2025-13251	WeiYe-Jing datax-web sql injection	MEDIUM	5.3	2025-11-16	WeiYe-Jing datax-web WeiYe-Jing datax-web +2个	CVE NVD
CVE-2025-13250	WeiYe-Jing datax-web Job triggerJob access control	MEDIUM	5.3	2025-11-16	WeiYe-Jing datax-web WeiYe-Jing datax-web +2个	CVE NVD

耗时统计

总耗时:	239.66 ms
构建查询耗时:	0.0 ms
统计耗时:	228.19 ms
获取数据耗时:	10.2 ms
数据转换耗时:	1.27 ms

数据统计

匹配文档数:	355738
返回文档数:	20
当前页码:	681
每页数量:	20
跳过记录数:	13600

查询详情

查询集合:	`uni_vulnerabilities`
使用过滤器:	否
搜索关键词:	-
严重程度:	-
数据源:	-
效率分析:	良好查询速度正常

优化建议：

匹配文档数量很大（355738），建议使用更精确的搜索条件
当前未使用任何过滤条件，查询全部数据可能较慢

漏洞列表 355738

参考链接