CVE-2020-24903: Cute Editor for ASP.NET 6.4 – Cross-Site Scripting
漏洞标题 CVE-2020-24903: Cute Editor for ASP.NET 6.4 - Cross-Site Scripting 漏洞描述 Cute Editor for ASP.NET 6.4 contains a cross-site scripting vulnerability. An attacker can inje...
松下承认严重数据泄露,涉技术文件和客户敏感信息
日本科技巨头松下(Panasonic)在上周五发布了一份声明,承认其服务器遭到了入侵,有未知的第三方非法访问了其技术文件和业务合作伙伴信息。松下在新闻稿中称其首次于11月11日发现入侵,但据日...
CVE-2011-5252: Orchard ‘ReturnUrl’ Parameter URI – Open Redirect
漏洞标题 CVE-2011-5252: Orchard 'ReturnUrl' Parameter URI - Open Redirect 漏洞描述 Open redirect vulnerability in Users/Account/LogOff in Orchard 1.0.x before 1.0.21, 1.1...
CVE-2024-36837: CRMEB v.5.2.2 – SQL Injection
漏洞标题 CVE-2024-36837: CRMEB v.5.2.2 - SQL Injection 漏洞描述 SQL Injection vulnerability in CRMEB v.5.2.2 allows a remote attacker to obtain sensitive information via the getPro...
bugbounty技巧聚合20220216
漏洞报告 POST URL跳转? 100$ http://hackerone.com/reports/1358977 爆破使用户无法收到2FA验证码导致无法登录 900$ http://hackerone.com/reports/1406495 挖洞技巧 CVE-2022-22536 EXP http...
CVE-2022-34048: Wavlink WN-533A8 – Cross-Site Scripting
漏洞标题 CVE-2022-34048: Wavlink WN-533A8 - Cross-Site Scripting 漏洞描述 Wavlink WN-533A8 M33A8.V5030.190716 contains a reflected cross-site scripting vulnerability via the login_...
CVE-2023-51449: Gradio Hugging Face – Local File Inclusion
漏洞标题 CVE-2023-51449: Gradio Hugging Face - Local File Inclusion 漏洞描述 Gradio LFI when auth is not enabled, affects versions 4.0 - 4.10, also works against Gradio < 3.33 P...
CVE-2018-7600: Drupal – Remote Code Execution
漏洞标题 CVE-2018-7600: Drupal - Remote Code Execution 漏洞描述 Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute ...
基于Docker部署Tomcat集群、 Nginx负载均衡的问题小结_docker
这篇文章主要介绍了基于Docker部署 Tomcat集群、 Nginx负载均衡,本文给大家介绍的非常详细,对大家的学习或工作具有一定的参考借鉴价值,需要的朋友可以参考下 目录写在前面一,Ngixn 镜像制作...
CVE-2019-1653: Cisco Small Business WAN VPN Routers – Sensitive Information Disclosure
漏洞标题 CVE-2019-1653: Cisco Small Business WAN VPN Routers - Sensitive Information Disclosure 漏洞描述 Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could all...
IDEA编辑器整合Apache Tomcat的详细教程_Tomcat
这篇文章主要介绍了IDEA编辑器整合Apache Tomcat教程,本文通过图文并茂的形式给大家介绍的非常详细,对大家的学习或工作具有一定的参考借鉴价值,需要的朋友可以参考下 1.到Apache Tomcat 官网...
CVE-2018-2893: Oracle WebLogic Server – Remote Code Execution
漏洞标题 CVE-2018-2893: Oracle WebLogic Server - Remote Code Execution 漏洞描述 The Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services) versio...
CVE-2018-13379: Fortinet FortiOS – Credentials Disclosure
漏洞标题 CVE-2018-13379: Fortinet FortiOS - Credentials Disclosure 漏洞描述 Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8...
CVE-2018-8024: Apache Spark UI – Cross-Site Scripting
漏洞标题 CVE-2018-8024: Apache Spark UI - Cross-Site Scripting 漏洞描述 Apache Spark UI before 2.3.2 is vulnerable to XSS via unsanitized query string parameters in the /jobs/ endp...
CVE-2022-23854: AVEVA InTouch 安全网关 AccessAnywhere 任意文件读取漏洞
漏洞标题 CVE-2022-23854: AVEVA InTouch 安全网关 AccessAnywhere 任意文件读取漏洞 漏洞描述 AVEVA InTouch Access Anywhere Secure Gateway 2020 R2及以前的版本存在路径遍历漏洞,未授权的...
CVE-2022-39960: Jira Netic Group Export <1.0.3 - Missing Authorization
漏洞标题 CVE-2022-39960: Jira Netic Group Export <1.0.3 - Missing Authorization 漏洞描述 Jira Netic Group Export add-on before 1.0.3 contains a missing authorization vulnerabili...
