解题思路 首先登陆页面发现是这样的： 查看源码源码很正常，也没有什么特别的web 目录扫描 获取到robots.txt下面有一个备份文件 <?php class UserInfo { public $name = ''; public $age = 0...

漏洞标题 CVE-2021-42359: WP DSGVO Tools (GDPR) <= 3.1.23 - Unauthenticated Arbitrary Post Deletion 漏洞描述 WP DSGVO Tools (GDPR) <= 3.1.23 had an AJAX action, ‘admin-dismis...

这篇文章主要介绍了Clickhouse Docker集群部署及配置，示例讲解的非常详细，希望可以帮助到有需要的小伙伴 目录写在前面环境部署Zookeeper集群部署Clickhouse集群部署1.临时镜像拷贝出配置 2.修...

漏洞标题 CVE-2019-12990: Citrix SD-WAN Center - Local File Inclusion 漏洞描述 Citrix SD-WAN Center is susceptible to local file inclusion via the applianceSettingsFileTransfer func...

漏洞标题 CVE-2024-2879: WordPress Plugin LayerSlider 7.9.11-7.10.0 - SQL Injection 漏洞描述 The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup...

漏洞标题 CVE-2025-68613: n8n - Remote Code Execution via Expression Injection 漏洞描述 n8n < 1.120.4, 1.121.1, 1.122.0 contains a remote code execution caused by insufficient is...

漏洞标题 CVE-2021-3019: ffay lanproxy Directory Traversal 漏洞描述 ffay lanproxy 0.1 is susceptible to a directory traversal vulnerability that could let attackers read /../conf/co...

漏洞标题 CVE-2023-27640: PrestaShop tshirtecommerce - Directory Traversal 漏洞描述 The Custom Product Designer (tshirtecommerce) module for PrestaShop allows HTTP requests to be fo...

漏洞标题 CVE-2019-14974: SugarCRM Enterprise 9.0.0 - Cross-Site Scripting 漏洞描述 SugarCRM Enterprise 9.0.0 contains a cross-site scripting vulnerability via mobile/error-not-supp...

漏洞标题 CVE-2021-21234: Spring Boot Actuator Logview Directory Traversal 漏洞描述 spring-boot-actuator-logview before version 0.2.13 contains a directory traversal vulnerability i...

漏洞标题 CVE-2019-17231: WordPress OneTone theme <= 3.0.6 – Unauthenticated Stored XSS 漏洞描述 includes/theme-functions.php in the OneTone theme through 3.0.6 for WordPress ha...

漏洞标题 CVE-2024-4956: Nexus Repository Manager 文件读取漏洞 漏洞描述 Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed ...

漏洞标题 CVE-2025-41393: Ricoh Web Image Monitor - Reflected XSS 漏洞描述 A reflected cross-site scripting vulnerability exists in the laser printers and MFPs (multifunction printe...

漏洞标题 CVE-2022-43017: OpenCATS 0.9.6 - Cross-Site Scripting 漏洞描述 OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the indexFile component. An attacker can in...

我家菜刀丢了，你能帮我找一下么 一句话木马也在这eval($_POST['Syc']); 现在的问题是木马有了，不知道文件名和路径，尝试目录扫描之后，居然只有一个index.php 按照ctf的尿性，玩的就是脑回路...

今天我来水一篇文章《如何一行命令汉化火狐浏览器》 我们只需要安装一个语言包就可以了 首先我们切换到root账户 sudo su 之后使用apt安装语言包 apt install firefox-esr-l10n-zh-cn 没了，就这...