渗透云记 -专注于网络安全与技术分享
!
也想出现在这里? 联系我们
创意广告
最新发布第290页
CVE-2023-29357: Microsoft SharePoint - Authentication Bypass-渗透云记 - 专注于网络安全与技术分享

CVE-2023-29357: Microsoft SharePoint – Authentication Bypass

漏洞标题 CVE-2023-29357: Microsoft SharePoint - Authentication Bypass 漏洞描述 Microsoft SharePoint Server Elevation of Privilege Vulnerability PoC代码
CVE-2017-11107: phpLDAPadmin <= 1.2.3 - Reflected XSS-渗透云记 - 专注于网络安全与技术分享

CVE-2017-11107: phpLDAPadmin <= 1.2.3 - Reflected XSS

漏洞标题 CVE-2017-11107: phpLDAPadmin <= 1.2.3 - Reflected XSS 漏洞描述 phpLDAPadmin <= 1.2.3 contains a reflected cross-site scripting caused by unsanitized input in htdocs/...
CVE-2017-14725: WordPress < 4.8.2 - Authenticated Open Redirect-渗透云记 - 专注于网络安全与技术分享

CVE-2017-14725: WordPress < 4.8.2 - Authenticated Open Redirect

漏洞标题 CVE-2017-14725: WordPress < 4.8.2 - Authenticated Open Redirect 漏洞描述 WordPress versions before 4.8.2 contain an open redirect caused by improper validation in wp-ad...
CVE-2017-0929: DotNetNuke (DNN) ImageHandler <9.2.0 - Server-Side Request Forgery-渗透云记 - 专注于网络安全与技术分享

CVE-2017-0929: DotNetNuke (DNN) ImageHandler <9.2.0 - Server-Side Request Forgery

漏洞标题 CVE-2017-0929: DotNetNuke (DNN) ImageHandler <9.2.0 - Server-Side Request Forgery 漏洞描述 DotNetNuke (aka DNN) before 9.2.0 suffers from a server-side request forgery ...
云记的头像-渗透云记 - 专注于网络安全与技术分享云记2017年12月29日 02:09
50
[GYCTF2020]Blacklist -堆叠查询- buu刷题笔记-渗透云记 - 专注于网络安全与技术分享

[GYCTF2020]Blacklist -堆叠查询- buu刷题笔记

启动挑战项目,发现前端界面显示Black list is so weak for you,isn’t it 随便输入几个关键词试试:select,他爆出来所有的黑名单关键词,本来还想fuzz跑一下的 return preg_match('/set|prepa...
沐寒的头像-渗透云记 - 专注于网络安全与技术分享初心赞助沐寒2022年4月27日 17:23
050
CVE-2016-1000149: WordPress Simpel Reserveren <=3.5.2 - Cross-Site Scripting-渗透云记 - 专注于网络安全与技术分享

CVE-2016-1000149: WordPress Simpel Reserveren <=3.5.2 - Cross-Site Scripting

漏洞标题 CVE-2016-1000149: WordPress Simpel Reserveren <=3.5.2 - Cross-Site Scripting 漏洞描述 WordPress plugin Simpel Reserveren 3.5.2 and before contains a reflected cross-sit...
CVE-2024-47073: DataEase v2.10.2 - JWT Signature Verification Bypass-渗透云记 - 专注于网络安全与技术分享

CVE-2024-47073: DataEase v2.10.2 – JWT Signature Verification Bypass

漏洞标题 CVE-2024-47073: DataEase v2.10.2 - JWT Signature Verification Bypass 漏洞描述 DataEase is an open source data visualization analysis tool that helps users quickly analyze ...
云记的头像-渗透云记 - 专注于网络安全与技术分享云记2024年10月12日 00:30
50
CVE-2023-6360: WordPress My Calendar <3.4.22 - SQL Injection-渗透云记 - 专注于网络安全与技术分享

CVE-2023-6360: WordPress My Calendar <3.4.22 - SQL Injection

漏洞标题 CVE-2023-6360: WordPress My Calendar <3.4.22 - SQL Injection 漏洞描述 WordPress My Calendar plugin versions before 3.4.22 are vulnerable to an unauthenticated SQL injec...
CVE-2017-17731: DedeCMS 5.7 - SQL Injection-渗透云记 - 专注于网络安全与技术分享

CVE-2017-17731: DedeCMS 5.7 – SQL Injection

漏洞标题 CVE-2017-17731: DedeCMS 5.7 - SQL Injection 漏洞描述 DedeCMS through 5.7 has SQL Injection via the $_FILES superglobal to plus/recommend.php. PoC代码
CVE-2019-7139: Magento - SQL Injection-渗透云记 - 专注于网络安全与技术分享

CVE-2019-7139: Magento – SQL Injection

漏洞标题 CVE-2019-7139: Magento - SQL Injection 漏洞描述 An unauthenticated user can execute SQL statements that allow arbitrary read access to the underlying database, which cause...
CVE-2019-11886: Yellow Pencil Visual Theme Customizer < 7.2.1 - Privilege Escalation-渗透云记 - 专注于网络安全与技术分享

CVE-2019-11886: Yellow Pencil Visual Theme Customizer < 7.2.1 - Privilege Escalation

漏洞标题 CVE-2019-11886: Yellow Pencil Visual Theme Customizer < 7.2.1 - Privilege Escalation 漏洞描述 The WaspThemes Visual CSS Style Editor (aka yellow-pencil-visual-theme-cus...
继英伟达后,三星190GB机密数据遭同一黑客组织泄露-渗透云记 - 专注于网络安全与技术分享

继英伟达后,三星190GB机密数据遭同一黑客组织泄露

据外媒报道,上周五,距Lapsus$从Nvidia那里窃取1TB机密数据还未过几日(黑客威胁英伟达解除挖矿锁,否则泄露源代码等机密数据),该黑客组织又发布了窃取自韩国电子巨头三星的190GB机密数据,...
云记的头像-渗透云记 - 专注于网络安全与技术分享云记2022年3月10日 23:40
050
CVE-2011-3315: Cisco CUCM, UCCX, and Unified IP-IVR- Directory Traversal-渗透云记 - 专注于网络安全与技术分享

CVE-2011-3315: Cisco CUCM, UCCX, and Unified IP-IVR- Directory Traversal

漏洞标题 CVE-2011-3315: Cisco CUCM, UCCX, and Unified IP-IVR- Directory Traversal 漏洞描述 A directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x an...
CVE-2014-8799: WordPress Plugin DukaPress 2.5.2 - Directory Traversal-渗透云记 - 专注于网络安全与技术分享

CVE-2014-8799: WordPress Plugin DukaPress 2.5.2 – Directory Traversal

漏洞标题 CVE-2014-8799: WordPress Plugin DukaPress 2.5.2 - Directory Traversal 漏洞描述 A directory traversal vulnerability in the dp_img_resize function in php/dp-functions.php in...
CVE-2013-4625: WordPress Plugin Duplicator < 0.4.5 - Cross-Site Scripting-渗透云记 - 专注于网络安全与技术分享

CVE-2013-4625: WordPress Plugin Duplicator < 0.4.5 - Cross-Site Scripting

漏洞标题 CVE-2013-4625: WordPress Plugin Duplicator < 0.4.5 - Cross-Site Scripting 漏洞描述 A cross-site scripting vulnerability in files/installer.cleanup.php in the Duplicator...
CVE-2025-1098: Ingress-Nginx Controller - Configuration Injection via Unsanitized Mirror Annotations-渗透云记 - 专注于网络安全与技术分享

CVE-2025-1098: Ingress-Nginx Controller – Configuration Injection via Unsanitized Mirror Annotations

漏洞标题 CVE-2025-1098: Ingress-Nginx Controller - Configuration Injection via Unsanitized Mirror Annotations 漏洞描述 A security issue was discovered in ingress-nginx https-//gith...
白帽黑客
白帽黑客网络用语中指站在黑客的立场攻击自己的系统以进行安全漏洞排查的程序员。他们用的是黑客(一般指“黑帽子黑客”)惯用的破坏攻击的方法,行的却是维护安全之事
275篇文章更多文章
2026年7月5日 21:03
红队钓鱼攻击专辑
这是最常用的方式,在大多数的APT组织以及红队攻击中,这是最常用的手段。 与传统的宏启用文档相比,这种攻击的好处是多方面的。在对目标执行网络钓鱼攻击时,你可以将.docx 的文档直接...
5篇文章更多文章
2026年3月2日 20:22
2026年3月2日 20:05