New pages

(newest | oldest) View (newer 50 | older 50) (20 | 50 | 100 | 250 | 500)

10:14, 22 May 2021 ‎OneBlog開源博客管理系統遠程命令執行漏洞 (hist | edit) ‎[191 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==漏洞利用== 由於使用含有漏洞版本的Apache Shiro和默認的密鑰，導致OneBlog存在遠程命令執行漏洞。 shiro 默認密鑰： File:1621585571545...")
10:10, 22 May 2021 ‎日產聆風電動汽車(Leaf EV) 2018款本地拒絕服務漏洞 (hist | edit) ‎[749 bytes] ‎Pwnwiki (talk | contribs) (Created page with "日產聆風電動汽車（EV）的主機顯示屏本地拒絕服務漏洞，可用於鎖定屏幕。鎖定後，汽車仍可行駛，但無法再使用顯示器（即使汽...")
10:08, 22 May 2021 ‎雲尚在線客服系統任意文件上傳漏洞 (hist | edit) ‎[564 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==FOFA== <pre> body="cgwl.ico" </pre> ==漏洞利用== 訪問 <pre> /index/index/home?visiter_id=&visiter_name=&avatar=&business_id=1&groupid=0&special=1 //默認ID為1 接...")
10:05, 22 May 2021 ‎CVE-2021-24186 WordPress插件Tutor LMS SQL注入漏洞 (hist | edit) ‎[1,232 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==影響版本== <pre> Tutor LMS – eLearning and online course solution < 1.8.3 </pre> ==POC== <pre> POST /courses/first-class/tutor_quiz/test/ HTTP/1.1 Host: [URL] Content...")
10:03, 22 May 2021 ‎CVE-2021-24209 WordPress WP Super Cache插件小於1.7.2 RCE漏洞 (hist | edit) ‎[877 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==POC== <pre> POST /wp-admin/options-general.php?page=wpsupercache&tab=settings HTTP/1.1 User-Agent: Mozilla/5.0 Content-Type: application/x-www-form-urlencoded Content-Length...")
10:01, 22 May 2021 ‎CVE-2021-24213 WordPress GiveWP 2.9.7 反射型XSS漏洞 (hist | edit) ‎[250 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==POC== <pre> http://localhost/wp-admin/edit.php?s=%22%3E<script>alert(0)</script>&start-date&end-date&form_id=0&action=-1&paged=1&give_action=delete_bulk_donor&orderby=id&ord...")
10:00, 22 May 2021 ‎CVE-2021-24175 WordPress Elementor Page Builder Plus插件身份驗證繞過漏洞 (hist | edit) ‎[945 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==影響版本== Elementor Page Builder <4.1.7 ==POC== <pre> curl -X POST --data action=theplus_ajax_login --data email=admin -iLSS https://example.com/wp-admin/admin-ajax.ph...")
09:58, 22 May 2021 ‎CVE-2021-31169 Windows容器管理器服務權限提升漏洞 (hist | edit) ‎[294 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==POC== https://github.com/JustYoomoon/Exploit/blob/main/GS20210512135847.tgz 1）編譯C#項目。需要獲取NuGet庫。包含.NET 5和.NET 4.71版本。 2）在系統上...")
09:54, 22 May 2021 ‎CNVD-2021-16592 阿里巴巴otter manager分佈式數據庫同步系統信息洩漏/默認口令 (hist | edit) ‎[204 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==FOFA== <pre> title="Otter Manager" </pre> ==默認口令== <pre> admin/admin </pre> ==信息泄漏== 進入後直接f12查看元素，修改password為text即可查看數...")
19:39, 21 May 2021 ‎2021年5月贊助金額 (hist | edit) ‎[21 bytes] ‎Pwnwiki (talk | contribs) (Created page with "anonymous(1) 7.78USD")
19:19, 21 May 2021 ‎智能垃圾分類管理系統 SQL注入漏洞 (hist | edit) ‎[784 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==FOFA== <pre> title="智能垃圾分类管理系统" </pre> ==漏洞利用== 發送請求包 <pre> POST /ghc_master/data/action.admindata.php HTTP/1.1 Host: xxx.xxx.xxx.xxx...")
17:15, 21 May 2021 ‎VirIT Explorer Lite & Pro 8.1.68 本地特權提升漏洞 (hist | edit) ‎[6,839 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> /* Full title: VirIT Explorer Lite & Pro v.8.1.68 Local Privilege Escalation (System)/Arbitrary Code Execution Exploit Author: Paolo Stagno - voidsec@voidsec....")
17:11, 21 May 2021 ‎CVE-2021-21551 DELL dbutil 2 3.sys 2.3 任意寫入&本地特權提升漏洞（LPE） (hist | edit) ‎[6,729 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> # Exploit Title: DELL dbutil_2_3.sys 2.3 - Arbitrary Write to Local Privilege Escalation (LPE) # Date: 10/05/2021 # Exploit Author: Paolo Stagno aka VoidSec # Ve...")
17:08, 21 May 2021 ‎Mozilla Firefox 88.0.1 Extension任意代碼執行漏洞 (hist | edit) ‎[3,683 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> # Exploit Title: Mozilla Firefox 88.0.1 - File Extension Execution of Arbitrary Code # Date: 20/05/2021 # Exploit Authors: Carlo Di Dato and Michael Caruso from...")
16:56, 21 May 2021 ‎Spotweb 1.4.9 - DOM Based XSS漏洞 (hist | edit) ‎[2,093 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> # Exploit Title: Spotweb 1.4.9 - DOM Based Cross-Site Scripting (XSS) # Exploit Author: @nu11secur1ty # Date: 05.20.2021 # Software Link: https://github.com/spo...")
14:39, 21 May 2021 ‎ASUS HID Access Service 1.0.94.0 - 'AsHidSrv.exe' Unquoted Service Path (hist | edit) ‎[1,717 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> # Exploit Title: ASUS HID Access Service 1.0.94.0 - 'AsHidSrv.exe' Unquoted Service Path # Date: 2020-05-19 # Exploit Author: Alejandra Sánchez # Vendor Homepag...")
14:37, 21 May 2021 ‎Backup Manager Module 3.0.0.99 - 'IScheduleSvc.exe' Unquoted Service Path (hist | edit) ‎[1,662 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> # Exploit Title: Acer Backup Manager Module 3.0.0.99 - 'IScheduleSvc.exe' Unquoted Service Path # Discovery by: Emmanuel Lujan # Discovery Date: 2021-05-19 # Ve...")
14:36, 21 May 2021 ‎Acer Updater Service 1.2.3500.0 - 'UpdaterService.exe' Unquoted Service Path (hist | edit) ‎[1,652 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> # Exploit Title: Acer Updater Service 1.2.3500.0 - 'UpdaterService.exe' Unquoted Service Path # Discovery by: Emmanuel Lujan # Discovery Date: 2020-11-26 # Vend...")
10:41, 21 May 2021 ‎騰訊QQ ClinetKey&Skey 免密登錄 (hist | edit) ‎[484 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==利用原理== 釣魚&嗅探 ==使用Key登錄QQ郵箱== <pre> http://ptlogin2.qq.com/jump?clientuin=QQ&clientkey=key&keyindex=9&u1=https%3A%2F%2Fmail.qq.com%2Fcgi-bin%2Flo...")
09:34, 21 May 2021 ‎漢王人臉考勤管理系統 Check SQL注入漏洞 (hist | edit) ‎[809 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==FOFA== <pre> title=""汉王人脸考勤管理系统"" </pre> ==漏洞利用== 請求包如下: <pre> POST /Login/Check HTTP/1.1 Host: x.x.x.x Content-Length: 27 Accept: */...")
09:31, 21 May 2021 ‎啟萊OA treelist.aspx SQL注入漏洞 (hist | edit) ‎[313 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==FOFA== <pre> app="启莱OA" </pre> 存在SQL注入的文件為 treelist.aspx <pre> http://xxx.xxx.xxx.xxx/client/treelist.aspx?user=' and (select db_name())>0--&pwd=1 </pre...")
09:28, 21 May 2021 ‎啟萊OA messageurl.aspx SQL注入漏洞 (hist | edit) ‎[318 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==FOFA== <pre> app="启莱OA" </pre> 存在SQL注入的文件為 messageurl.aspx <pre> http://xxx.xxx.xxx.xxx/client/messageurl.aspx?user=' and (select db_name())>0--&pwd=1 <...")
09:26, 21 May 2021 ‎啟萊OA CloseMsg.aspx SQL注入漏洞 (hist | edit) ‎[305 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==FOFA== <pre> app="启莱OA" </pre> 存在SQL注入的文件為 CloseMsg.aspx: <pre> http://xxx.xxx.xxx.xxx/client/CloseMsg.aspx?user=' and (select db_name())>0--&pwd=1 </pr...")
09:24, 21 May 2021 ‎Selea OCR-ANPR攝像機 get file.php 任意文件讀取漏洞 (hist | edit) ‎[1,077 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==漏洞影響== <pre> Selea Selea Targa IP OCR-ANPR Camera iZero Selea Selea Targa IP OCR-ANPR Camera Targa 512 Selea Selea Targa IP OCR-ANPR Camera Targa 504 Selea Selea...")
09:22, 21 May 2021 ‎Selea OCR-ANPR攝像機 SeleaCamera 任意文件讀取漏洞 (hist | edit) ‎[1,155 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==漏洞影響== <pre> Selea Selea Targa IP OCR-ANPR Camera iZero Selea Selea Targa IP OCR-ANPR Camera Targa 512 Selea Selea Targa IP OCR-ANPR Camera Targa 504 Selea Selea...")
09:19, 21 May 2021 ‎CNVD-2021-01929 安徽陽光心健心理測量平台目錄遍歷漏洞 (hist | edit) ‎[222 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==FOFA== <pre> icon_hash="-320896955" </pre> ==漏洞利用== 訪問 <pre> http://xxx.xxx.xxx.xxx/admin/ </pre> 其中 <pre> http://xxx.xxx.xxx.xxx/admin/UserFiles/ </pre>...")
14:11, 20 May 2021 ‎Mongoose Web Server 6.9 拒絕服務漏洞 (hist | edit) ‎[923 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> # Exploit Title: Mongoose Web Server 6.9 - Denial of Service (PoC) # Dork: N/A # Date: 2018-11-11 # Exploit Author: Ihsan Sencan # Vendor Homepage: https://cesan...")
13:51, 20 May 2021 ‎藍海卓越計費管理系統 debug.php 遠程命令執行漏洞 (hist | edit) ‎[126 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==FOFA== <pre> title=="蓝海卓越计费管理系统" </pre> 訪問 debug.php頁面遠程調試命令執行")
09:57, 20 May 2021 ‎ManageEngine ADSelfService Plus 6.1 CSV注入漏洞 (hist | edit) ‎[2,640 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> # Exploit Title: ManageEngine ADSelfService Plus 6.1 - CSV Injection # Date: 19/05/2021 # Exploit Author: Metin Yunus Kandemir # Vendor Homepage: https://www.man...")
09:55, 20 May 2021 ‎In4Suit ERP 3.2.74.1370 - 'txtLoginId' SQL注入漏洞 (hist | edit) ‎[830 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> # Exploit Title: In4Suit ERP 3.2.74.1370 - 'txtLoginId' SQL injection # Date: 18/05/2021 # Exploit Author: Gulab Mondal # Vendor Homepage: https://www.in4velocit...")
18:06, 19 May 2021 ‎WebSSH for iOS 14.16.10 - 'mashREPL' 拒絕服務漏洞 (hist | edit) ‎[698 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==POC== <pre> # Exploit Title: WebSSH for iOS 14.16.10 - 'mashREPL' Denial of Service (PoC) # Author: Luis Martinez # Discovery Date: 2021-05-18 # Vendor Homepage: https://app...")
18:05, 19 May 2021 ‎Visual Studio Code 1.47.1 拒絕服務漏洞 (hist | edit) ‎[3,098 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==POC== <pre> # Exploit Tittle: Visual Studio Code 1.47.1 - Denial of Service (Poc) # Exploit Author: H.H.A.Ravindu Priyankara # Category: Denial of Service(DOS) # Tested Vers...")
18:04, 19 May 2021 ‎CVE-2021-24245 WordPress Plugin Stop Spammers 2021.8 - 'log' Reflected XSS漏洞 (hist | edit) ‎[1,355 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==XSS== <pre> # Exploit Title: WordPress Plugin Stop Spammers 2021.8 - 'log' Reflected Cross-site Scripting (XSS) # Date: 04/08/2021 # Exploit Author: Hosein Vita # Vendor Hom...")
13:27, 19 May 2021 ‎H3C IMC dynamiccontent.properties.xhtm 遠程命令執行漏洞 (hist | edit) ‎[2,509 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==FOFA== <pre> body="/imc/javax.faces.resource/images/login_help.png.jsf?ln=primefaces-imc-new-webui" </pre> ==Request== <pre> POST /imc/javax.faces.resource/dynamiccontent.p...")
09:50, 19 May 2021 ‎Rxvt 2.7.0 and rxvt-unicode 9.22 代碼執行漏洞 (hist | edit) ‎[6,743 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> #!/usr/bin/env python # Title: rxvt (remote) code execution over scp with $SHELL=/bin/bash (0day) # Version: rxvt 2.7.10, rxvt-unicode 9.22 # Author: def <def@hu...")
09:33, 19 May 2021 ‎EgavilanMedia PHPCRUD 1.0 - 'First Name' SQL注入漏洞 (hist | edit) ‎[1,045 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==EXP== <pre> # Exploit Title: EgavilanMedia PHPCRUD 1.0 - 'First Name' SQL Injection # Date: 5/17/2021 # Exploit Author: Dimitrios Mitakos # Vendor Homepage: https://egavilan...")
10:04, 18 May 2021 ‎JEEWMS倉庫管理系統權限繞過&未授權任意文件讀取漏洞 (hist | edit) ‎[1,768 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==影響版本== JEEWMS全版本 ==FOFA== <pre> body="plug-in/lhgDialog/lhgdialog.min.js?skin=metro" && body="仓" </pre> ==權限繞過== <pre> POST /wmstest/rest/../BiCont...")
10:00, 18 May 2021 ‎CVE-2021-31166 HTTP協議棧遠程代碼執行漏洞/tr (hist | edit) ‎[1,024 bytes] ‎Pwnwiki (talk | contribs) (Created page with "⚠️️ POC yürütüldüğünde mavi bir ekran görünecektir.")
09:59, 18 May 2021 ‎CVE-2021-31166 HTTP協議棧遠程代碼執行漏洞/ja (hist | edit) ‎[1,026 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==脆弱性への影響==")
09:56, 18 May 2021 ‎CVE-2021-31166 HTTP協議棧遠程代碼執行漏洞/nl (hist | edit) ‎[1,031 bytes] ‎Pwnwiki (talk | contribs) (Created page with "== Impact op kwetsbaarheid ==")
09:55, 18 May 2021 ‎CVE-2021-31166 HTTP協議棧遠程代碼執行漏洞/fr (hist | edit) ‎[1,030 bytes] ‎Pwnwiki (talk | contribs) (Created page with "⚠️️ Un écran bleu apparaîtra lorsque le POC est exécuté.")
09:54, 18 May 2021 ‎CVE-2021-31166 HTTP協議棧遠程代碼執行漏洞/pt (hist | edit) ‎[1,023 bytes] ‎Pwnwiki (talk | contribs) (Created page with "== Referência ==")
09:52, 18 May 2021 ‎CVE-2021-31166 HTTP協議棧遠程代碼執行漏洞/de (hist | edit) ‎[1,056 bytes] ‎Pwnwiki (talk | contribs) (Created page with "== Auswirkungen auf die Sicherheitsanfälligkeit ==")
09:50, 18 May 2021 ‎CVE-2021-31166 HTTP協議棧遠程代碼執行漏洞/uk (hist | edit) ‎[1,056 bytes] ‎Pwnwiki (talk | contribs) (Created page with "When Коли виконується POC, з’явиться синій екран.")
09:47, 18 May 2021 ‎CVE-2021-31166 HTTP協議棧遠程代碼執行漏洞/ar (hist | edit) ‎[1,011 bytes] ‎Pwnwiki (talk | contribs) (Created page with "== تأثير الضعف ==")
09:42, 18 May 2021 ‎CVE-2021-31166 HTTP協議棧遠程代碼執行漏洞/he (hist | edit) ‎[1,021 bytes] ‎Pwnwiki (talk | contribs) (Created page with "== הפניה ==")
09:40, 18 May 2021 ‎CVE-2021-31166 HTTP協議棧遠程代碼執行漏洞/es (hist | edit) ‎[1,026 bytes] ‎Pwnwiki (talk | contribs) (Created page with "== Impacto de la vulnerabilidad ==")
09:38, 18 May 2021 ‎CVE-2021-31166 HTTP協議棧遠程代碼執行漏洞/ru (hist | edit) ‎[1,060 bytes] ‎Pwnwiki (talk | contribs) (Created page with "== Ссылка ==")
09:38, 18 May 2021 ‎CVE-2021-31166 HTTP協議棧遠程代碼執行漏洞/en (hist | edit) ‎[1,010 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==Reference==")
09:34, 18 May 2021 ‎CVE-2021-31166 HTTP協議棧遠程代碼執行漏洞 (hist | edit) ‎[1,086 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<languages /> <translate> ==漏洞影響== </translate> <pre> Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows...")

(newest | oldest) View (newer 50 | older 50) (20 | 50 | 100 | 250 | 500)

Anonymous

Search

New pages

Namespaces

More

Page actions

Navigation

Navigation

Community

PwnWiki.org

Wiki tools

Wiki tools

Anonymous

Search

New pages

Navigation

Wiki tools

Page tools