漏洞标题 CVE-2013-2251: Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution (S2-016) 漏洞描述 In Struts 2 before 2.3.15.1 the information following "action:&quo...

漏洞标题 CVE-2023-37580: Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting 漏洞描述 Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41 allows XSS in the Zimbra Clas...

漏洞标题 CVE-2025-1974-k8s: Ingress-Nginx Controller - Unauthenticated Remote Code Execution 漏洞描述 A security issue was discovered in ingress-nginx where the `auth-tls-match-cn`...

漏洞标题 CVE-2021-36748: PrestaHome Blog for PrestaShop <1.7.8 - SQL Injection 漏洞描述 PrestaHome Blog for PrestaShop prior to version 1.7.8 is vulnerable to a SQL injection (b...

利用frp工具实现内网穿透 注意：此工具依赖一个有公网 IP 的 PC 或服务器。内网穿透工具就是为了解决上述的没有公网 IP 的问题的。 frp简介 项目地址：http://github.com/fatedier/frp/releases...

解题过程： php伪协议读取flag ?p=php://filter/read=convert.base64-encode/resource=flag 得到 PD9waHAKZGIlKCdubyBubyBubycpOwovL24xYm9va3thZnJfMV9zb2x2ZWR9 进行base64解码 <?php db%(...

漏洞标题 Adobe Commerce/Magento SessionReaper /customer/address_file/upload 文件上传漏洞（CVE-2025-54236） 漏洞描述 Adobe Commerce是一款由Adobe公司开发的电子商务平台，广泛应用于全...

漏洞标题 CVE-2023-30150: PrestaShop leocustomajax 1.0 & 1.0.0 - SQL Injection 漏洞描述 PrestaShop leocustomajax 1.0 and 1.0.0 are vulnerable to SQL Injection via modules/leocus...

漏洞标题 CirCarLifeScada停车场自动化管理系统log-信息泄漏(CVE-2018-12634) 漏洞描述 【漏洞对象】Circontrol CirCarLife Scada 【漏洞描述】 Circontrol CirCarLifeScada是西班牙Circontrol...

漏洞标题 CVE-2023-36287: Webkul QloApps 1.6.0 - Cross-site Scripting 漏洞描述 An unauthenticated Cross-Site Scripting (XSS) vulnerability found in Webkul QloApps 1.6.0 allows an at...

漏洞标题 CVE-2025-4008: MeteoBridge <= 6.1 - Remote Code Execution 漏洞描述 The Meteobridge web interface let meteobridge administrator manage their weather station data collect...

漏洞标题 CVE-2020-3452: Cisco Adaptive Security Appliance (ASA)/Firepower Threat Defense (FTD) - Local File Inclusion 漏洞描述 Cisco Adaptive Security Appliance (ASA) Software and ...

漏洞标题 CVE-2010-1878: Joomla! Component OrgChart 1.0.0 - Local File Inclusion 漏洞描述 A directory traversal vulnerability in the OrgChart (com_orgchart) component 1.0.0 for Joom...

漏洞标题 Bylancer Quicklancer CVE-2024-7188 SQL注入漏洞 漏洞描述 Bylancer Quicklancer是Bylancer公司的一个自由职业者平台。Bylancer Quicklancer 存在SQL注入漏洞。此漏洞是由于对用户发...

漏洞标题 CVE-2020-9496: Apache OFBiz 17.12.03 - Cross-Site Scripting 漏洞描述 Apache OFBiz 17.12.03 contains cross-site scripting and unsafe deserialization vulnerabilities via an ...

漏洞标题 CVE-2023-1671: Sophos Web Appliance - Remote Code Execution 漏洞描述 A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older t...