CVE-2024-57514: TP-Link Archer A20 v3 Router – Cross-site Scripting
漏洞标题 CVE-2024-57514: TP-Link Archer A20 v3 Router - Cross-site Scripting 漏洞描述 The TP-Link Archer A20 v3 router is vulnerable to Cross-site Scripting (XSS) due to improper h...
CVE-2018-19386: SolarWinds Database Performance Analyzer 11.1.457 – Cross-Site Scripting
漏洞标题 CVE-2018-19386: SolarWinds Database Performance Analyzer 11.1.457 - Cross-Site Scripting 漏洞描述 SolarWinds Database Performance Analyzer 11.1.457 contains a reflected cr...
CVE-2021-44427: Rosario Student Information System Unauthenticated SQL Injection
漏洞标题 CVE-2021-44427: Rosario Student Information System Unauthenticated SQL Injection 漏洞描述 An unauthenticated SQL injection vulnerability in Rosario Student Information Sys...
Arcserve Unified Data Protection CVE-2024-0801 拒绝服务漏洞
漏洞标题 Arcserve Unified Data Protection CVE-2024-0801 拒绝服务漏洞 漏洞描述 Arcserve Unified Data Protection存在拒绝服务漏洞,此漏洞是由于EdgeServiceConsoleImpl接口对用户的请求验...
CVE-2018-14574: Django – Open Redirect
漏洞标题 CVE-2018-14574: Django - Open Redirect 漏洞描述 Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 contains an open redirect vulnerability. If django.middleware.common.Co...
CVE-2022-23134: Zabbix Setup Configuration Authentication Bypass
漏洞标题 CVE-2022-23134: Zabbix Setup Configuration Authentication Bypass 漏洞描述 After the initial setup process, some steps of setup.php file are reachable not only by super-adm...
CVE-2022-4260: WordPress WP-Ban <1.69.1 - Stored Cross-Site Scripting
漏洞标题 CVE-2022-4260: WordPress WP-Ban <1.69.1 - Stored Cross-Site Scripting 漏洞描述 WordPress WP-Ban plugin before 1.69.1 contains a stored cross-site scripting vulnerabilit...
CVE-2020-23517: Aryanic HighMail (High CMS) – Cross-Site Scripting
漏洞标题 CVE-2020-23517: Aryanic HighMail (High CMS) - Cross-Site Scripting 漏洞描述 A cross-site scripting vulnerability in Aryanic HighMail (High CMS) versions 2020 and before al...
CVE-2022-43769: Hitachi Pentaho Business Analytics Server – Remote Code Execution
漏洞标题 CVE-2022-43769: Hitachi Pentaho Business Analytics Server - Remote Code Execution 漏洞描述 Hitachi Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2,...
CVE-2010-2918: Joomla! Component Visites 1.1 – MosConfig_absolute_path Remote File Inclusion
漏洞标题 CVE-2010-2918: Joomla! Component Visites 1.1 - MosConfig_absolute_path Remote File Inclusion 漏洞描述 A PHP remote file inclusion vulnerability in core/include/myMailer.cl...
渗透Hacking Team全过程
下载地址:http://i0x0fy4ibf.feishu.cn/file/boxcnylSPzGnXDU4OnEwQZDypTh 作者寄语:这就是整个过程。轻易渗透进企业,并阻止其继续破坏人权。这也是黑客的魅力和不对称性之美:只需100小时的...
bugbounty技巧聚合20220215
漏洞报告 EC2子域接管 http://hackerone.com/reports/1296366 Flask session弱密钥接管用户 1500$ http://hackerone.com/reports/1380121 挖洞技巧 寻找客户端原型污染工具 http://github.com/k...
在Linux环境下安装Kafka_Linux
本文以安装Kafka的步骤做了图文详细介绍,Kafka是一种高吞吐量 的分布式发布订阅消息系统,对Kagka感兴趣的小伙伴可以参考参考本篇文章 目录1.1 Java环境为前提1.2 Zookeeper的安装配置1.3 Kafk...
CVE-2014-4940: WordPress Plugin Tera Charts – Local File Inclusion
漏洞标题 CVE-2014-4940: WordPress Plugin Tera Charts - Local File Inclusion 漏洞描述 Multiple local file inclusion vulnerabilities in Tera Charts (tera-charts) plugin 0.1 for WordP...
Atlassian Jira信息泄露漏洞(CVE-2019-8449)
漏洞标题 Atlassian Jira信息泄露漏洞(CVE-2019-8449) 漏洞描述 Atlassian Jira 8.4.0之前版本/rest/api/latest/groupuserpicker接口允许远程攻击者枚举用户名,导致信息泄露。 PoC代码 暂无
CVE-2024-0012: Palo Alto Networks PAN-OS身份认证绕过导致RCE漏洞(CVE-2024-0012)
漏洞标题 CVE-2024-0012: Palo Alto Networks PAN-OS身份认证绕过导致RCE漏洞(CVE-2024-0012) 漏洞描述 PAN-OS 设备管理 Web 界面中存在身份认证绕过漏洞,未经身份验证的远程攻击者可以通过网...
