CVE-2024-48248: NAKIVO Backup & Replication任意文件读取漏洞
漏洞标题 CVE-2024-48248: NAKIVO Backup & Replication任意文件读取漏洞 漏洞描述 NAKIVO Backup & Replication 是一款专注于虚拟化、云端及混合环境的备份与灾难恢复的解决方案。攻击...
CVE-2018-18608: DedeCMS 5.7 SP2 – Cross-Site Scripting
漏洞标题 CVE-2018-18608: DedeCMS 5.7 SP2 - Cross-Site Scripting 漏洞描述 DedeCMS 5.7 SP2 is vulnerable to cross-site scripting via the function named GetPageList defined in the inc...
CVE-2018-7653: YzmCMS v3.6 – Cross-Site Scripting
漏洞标题 CVE-2018-7653: YzmCMS v3.6 - Cross-Site Scripting 漏洞描述 In YzmCMS 3.6, index.php has XSS via the a, c, or m parameter. PoC代码
CVE-2024-21893: Ivanti SAML – Server Side Request Forgery (SSRF)
漏洞标题 CVE-2024-21893: Ivanti SAML - Server Side Request Forgery (SSRF) 漏洞描述 A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, ...
信息收集-渗透测试岗位如何用工具打配合
注意:本文章只适用于有授权书的项目,切忌不要非法操作,本号不负任何责任,本文不会带上任何工具链接,如有需要自行查找 在信息安全这一行业,我们会遇到各种各样的项目点,比如一个目标到100...
CVE-2023-0678: PHPIPAM
漏洞标题 CVE-2023-0678: PHPIPAM <v1.5.1 - Missing Authorization 漏洞描述 In phpIPAM 1.5.1, an unauthenticated user could download the list of high-usage IP subnets that contains...
CVE-2024-7332: TOTOLINK CP450 v4.1.0cu.747_B20191224 – Hard-Coded Password Vulnerability
漏洞标题 CVE-2024-7332: TOTOLINK CP450 v4.1.0cu.747_B20191224 - Hard-Coded Password Vulnerability 漏洞描述 A critical vulnerability has been discovered in TOTOLINK CP450 version 4....
(CVE-2021-39141) XStream 反序列化漏洞
漏洞标题 (CVE-2021-39141) XStream 反序列化漏洞 漏洞描述 (CVE-2021-39141) XStream 反序列化漏洞 PoC代码 暂无
CVE-2021-46071: ehicle Service Management System 1.0 – Cross-Site Scripting
漏洞标题 CVE-2021-46071: ehicle Service Management System 1.0 - Cross-Site Scripting 漏洞描述 Vehicle Service Management System 1.0 contains a stored cross-site scripting vulnerabi...
CVE-2023-3846: MooDating 1.2 – Cross-Site Scripting
漏洞标题 CVE-2023-3846: MooDating 1.2 - Cross-Site Scripting 漏洞描述 A vulnerability classified as problematic has been found in mooSocial mooDating 1.2. This affects an unknown p...
CVE-2022-0783: Multiple Shipping Address Woocommerce < 2.0 - SQL Injection
漏洞标题 CVE-2022-0783: Multiple Shipping Address Woocommerce < 2.0 - SQL Injection 漏洞描述 The Multiple Shipping Address Woocommerce plugin before 2.0 does not properly saniti...
(CVE-2025-15004)DedeCMS至5.7.118版本freelist_main.php文件orderby参数SQL注入漏洞
漏洞标题 (CVE-2025-15004)DedeCMS至5.7.118版本freelist_main.php文件orderby参数SQL注入漏洞 漏洞描述 (CVE-2025-15004)DedeCMS至5.7.118版本freelist_main.php文件orderby参数SQL注入漏...
Atlassian Jira未授权访问 (CVE-2020-14179)
漏洞标题 Atlassian Jira未授权访问 (CVE-2020-14179) 漏洞描述 该漏洞源于Jira Server and DataCenter允许远程、未经身份验证的攻击者通过/secure/QueryComponent!Default中的一个信息泄露漏洞...
VMware Workstation Pro 16搭建CentOS8虚拟机集群的图文教程_VMware
这篇文章主要介绍了VMware Workstation Pro 16搭建CentOS8虚拟机集群,本文通过图文并茂的形式给大家介绍的非常详细,对大家的学习或工作具有一定的参考借鉴价值,需要的朋友可以参考下 目录准备...
CVE-2010-1603: Joomla! Component ZiMBCore 0.1 – Local File Inclusion
漏洞标题 CVE-2010-1603: Joomla! Component ZiMBCore 0.1 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the ZiMB Core (aka ZiMBCore or com_zimbcore) component...
CVE-2011-1669: WP Custom Pages 0.5.0.1 – Local File Inclusion (LFI)
漏洞标题 CVE-2011-1669: WP Custom Pages 0.5.0.1 - Local File Inclusion (LFI) 漏洞描述 A directory traversal vulnerability in wp-download.php in the WP Custom Pages module 0.5.0.1 f...
