CVE-2024-4348: osCommerce v4.0 – Cross-site Scripting
漏洞标题 CVE-2024-4348: osCommerce v4.0 - Cross-site Scripting 漏洞描述 A vulnerability, which was classified as problematic, was found in osCommerce 4. Affected is an unknown func...
CVE-2015-8399: Atlassian Confluence configuration files read
漏洞标题 CVE-2015-8399: Atlassian Confluence configuration files read 漏洞描述 Atlassian Confluence before 5.9.1 allows remote attackers to read arbitrary files via a crafted reque...
奇葩漏洞面面观
下载地址:http://i0x0fy4ibf.feishu.cn/file/boxcnP2siX6p3DN3YjKEomok3kb 简介 0x00 众里寻他千百度 0x01 精骛八极,心游万仞 0x02 天下大事,必作于细 0x03 不破楼兰终不还 0x04 工欲善其事,...
CVE-2020-2036: Palo Alto Networks PAN-OS Web Interface – Cross Site-Scripting
漏洞标题 CVE-2020-2036: Palo Alto Networks PAN-OS Web Interface - Cross Site-Scripting 漏洞描述 PAN-OS management web interface is vulnerable to reflected cross-site scripting. A r...
bugbounty技巧聚合20210923
漏洞报告 Zomato 【750刀】安卓deeplink利用 http://hackerone.com/reports/532225 挖洞技巧 【15000刀】npm漏洞五连杀 CVE-2021-32804 ($10,000) CVE-2021-32803 ($2,000) CVE-2021-37701 ($2,...
CVE-2010-1982: Joomla! Component JA Voice 2.0 – Local File Inclusion
漏洞标题 CVE-2010-1982: Joomla! Component JA Voice 2.0 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the JA Voice (com_javoice) component 2.0 for Joomla! a...
CVE-2020-8813: Cacti v1.2.8 – Remote Code Execution
漏洞标题 CVE-2020-8813: Cacti v1.2.8 - Remote Code Execution 漏洞描述 Cacti v1.2.8 is susceptible to remote code execution. This vulnerability could be exploited without authentica...
CVE-2024-2330: NS-ASG Application Security Gateway 6.3 – Sql Injection
漏洞标题 CVE-2024-2330: NS-ASG Application Security Gateway 6.3 - Sql Injection 漏洞描述 A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been...
Atlassian Jira 用户枚举(CVE-2019-3403)
漏洞标题 Atlassian Jira 用户枚举(CVE-2019-3403) 漏洞描述 8.1.1之前的Jira通过searchOwnerUserName参数中的ConfigurePortalPages.jspa资源包含跨站点脚本漏洞。 PoC代码 暂无
docker容器下配置jupyter notebook的操作_docker
这篇文章主要介绍了docker容器下配置jupyter notebook的操作,具有很好的参考价值,希望对大家有所帮助。一起跟随小编过来看看吧 docker容器下配置jupyter notebook,主要是为了编写python代码...
CVE-2024-34257: TOTOLINK EX1800T TOTOLINK EX1800T – Command Injection
漏洞标题 CVE-2024-34257: TOTOLINK EX1800T TOTOLINK EX1800T - Command Injection 漏洞描述 TOTOLINK EX1800T V9.1.0cu.2112_B20220316 has a vulnerability in the apcliEncrypType paramete...
CVE-2021-21345: XStream < 1.4.16 - Remote Code Execution
漏洞标题 CVE-2021-21345: XStream < 1.4.16 - Remote Code Execution 漏洞描述 XStream before 1.4.16 is susceptible to remote code execution. An attacker who has sufficient rights c...
CVE-2018-17283: Zoho ManageEngine OpManager – SQL Injection
漏洞标题 CVE-2018-17283: Zoho ManageEngine OpManager - SQL Injection 漏洞描述 Zoho ManageEngine OpManager before 12.3 Build 123196 does not require authentication for /oputilsServl...
CVE-2018-18264: Kubernetes Dashboard <1.10.1 - Authentication Bypass
漏洞标题 CVE-2018-18264: Kubernetes Dashboard <1.10.1 - Authentication Bypass 漏洞描述 Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashb...
Apache Solr <= 8.8.1 SSRF(CVE-2021-27905)
漏洞标题 Apache Solr <= 8.8.1 SSRF(CVE-2021-27905) 漏洞描述 Apache Solr中的ReplicationHandler(通常注册在Solrcore下的“/replication”)有一个“masterUrl”(也称为“leaderUrl”别...
nginx实现发布静态资源的方法_nginx
这篇文章主要介绍了nginx实现发布静态资源的方法,本文给大家介绍的非常详细,对大家的学习或工作具有一定的参考借鉴价值,需要的朋友可以参考下 步骤 将准备好的静态资源文件放在指定文件夹 更...
