New pages

(newest | oldest) View (newer 50 | older 50) (20 | 50 | 100 | 250 | 500)

21:45, 8 July 2021 ‎CVE-2019-18370 （小米） Xiaomi Mi WiFi R3G 遠程命令執行漏洞 (hist | edit) ‎[3,401 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<languages /> <translate> ==漏洞影響== </translate> Xiaomi Mi WiFi R3G 2.28.23-stable previous version ==POC== ===template.xml=== <pre> <?xml version="1.0"?> <root> <cla...")
21:41, 8 July 2021 ‎CNVD-2020-68869 新開普電子股份有限公司物聯網平台任意文件下載漏洞 (hist | edit) ‎[559 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<languages /> <translate> ==漏洞影響== </translate> <translate> 新開普電子股份有限公司物聯網平台 </translate> ==POC== <pre> GET /api/device/foreignId//...")
21:39, 8 July 2021 ‎CNVD-2020-10530 深圳市科皓信息技術有限公司測站綜合管理平台邏輯缺陷漏洞 (hist | edit) ‎[785 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<languages /> <translate> ==前提條件== </translate> <translate> 該漏洞需要普通用戶身份登錄平台，登錄平台後可以以普通用戶的權限重置所有...")
21:35, 8 July 2021 ‎數字化校園平台校園綜合管理系統任意文件上傳漏洞 (hist | edit) ‎[280 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<languages /> <translate> ==漏洞利用== </translate> <translate> 企業用戶註冊： </translate> <pre> https://<target>/DC_Login/QYSignUp </pre> <translate> 企業相關...")
21:32, 8 July 2021 ‎CNVD-2020-21993 南京南軟科技有限公司研究生管理信息系統邏輯缺陷漏洞 (hist | edit) ‎[321 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<languages /> <translate> ==漏洞利用== </translate> <translate> 登入系統 </translate> <pre> https://<target>/gmis/login.aspx </pre> <translate> 查看學生信息（...")
21:29, 8 July 2021 ‎CNVD-2020-10526 南京南軟科技有限公司研究生管理信息系統任意密碼修改漏洞 (hist | edit) ‎[221 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<languages /> <translate> ==漏洞利用== </translate> <pre> https://<target>/pyxx/grgl/xsmmxg.aspx </pre> <translate> 修改學號爲需要重置帳號密碼的帳號，保...")
20:25, 8 July 2021 ‎YApi 未授權用戶創建&Mock遠程命令執行漏洞/zh-cn (hist | edit) ‎[1,205 bytes] ‎Pwnwiki (talk | contribs) (Created page with "YApi 未授权用户创建&Mock远程命令执行漏洞")
20:22, 8 July 2021 ‎YApi 未授權用戶創建&Mock遠程命令執行漏洞 (hist | edit) ‎[1,526 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<languages /> <center> {| style="border: 2.0px solid grey; background: #b3ff9c;" width="85%" | align="center" width="60px"| link=|55px | align="center" |''...")
19:16, 8 July 2021 ‎Wordpress Plugin SP Project & Document Manager 4.21 遠程代碼執行漏洞 (hist | edit) ‎[503 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<languages /> <center> {| style="border: 2.0px solid grey; background: #b3ff9c;" width="85%" | align="center" width="60px"| link=|55px | align="center" |'''...")
19:13, 8 July 2021 ‎Wyomind Help Desk 1.3.6 遠程代碼執行漏洞 (hist | edit) ‎[10,337 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<languages /> <translate> ==漏洞影響== </translate> Version: <= 1.3.6 ==EXP== <pre> # Exploit Title: Wyomind Help Desk 1.3.6 - Remote Code Execution (RCE) # Date: 2021-0...")
19:12, 8 July 2021 ‎Employee Record Management System 1.2 XSS漏洞 (hist | edit) ‎[881 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<pre> # Exploit Title: Employee Record Management System 1.2 - Stored Cross-Site Scripting (XSS) # Date: 07 July 2021 # Exploit Author: Subhadip Nag (mrl0s3r) # Vendor Homepag...")
19:11, 8 July 2021 ‎Exam Hall Management System 1.0 任意文件上傳&RCE漏洞 (hist | edit) ‎[2,050 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<languages /> <translate> ==漏洞影響== </translate> # Version: 1.0 ==EXP== <pre> # Exploit Title: Exam Hall Management System 1.0 - Unrestricted File Upload + RCE (Unauthe...")
14:36, 8 July 2021 ‎DocCMS keyword SQL注入漏洞 (hist | edit) ‎[838 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<languages /> <translate> ==漏洞影響== </translate> DocCMS ==FOFA== <pre> app="Doccms" </pre> ==POC== <pre> /search/index.php?keyword=1%25%32%37%25%32%30%25%36%31%25%36%...")
14:34, 8 July 2021 ‎PbootCMS ext price SQL注入漏洞 (hist | edit) ‎[509 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<languages /> <translate> ==漏洞影響== </translate> PbootCMS < 1.2.1 ==FOFA== <pre> app="PBOOTCMS" </pre> ==Payload== <pre> /index.php/Index?ext_price%3D1: and: upda...")
14:31, 8 July 2021 ‎PbootCMS search SQL注入漏洞 (hist | edit) ‎[387 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<languages /> <translate> ==漏洞影響== </translate> PbootCMS < 1.2.1 ==FOFA== <pre> app="PBOOTCMS" </pre> <translate> ==漏洞利用== </translate> <pre> /index.php/Sea...")
14:30, 8 July 2021 ‎CVE-2020-10204 Nexus Repository Manger extdirect 後台遠程命令執行漏洞 (hist | edit) ‎[2,052 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<languages /> <translate> ==漏洞影響== </translate> Nexus < 3.21.1 <translate> ==前提條件== </translate> <translate> 漏洞觸發需要任意賬戶權限 </translate>...")
14:27, 8 July 2021 ‎CVE-2019-7238 Nexus Repository Manger extdirect 遠程命令執行漏洞 (hist | edit) ‎[7,796 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<languages /> <translate> ==漏洞影響== </translate> Nexus < 3.14.0 ==FOFA== <pre> app="Nexus-Repository-Manager" </pre> <translate> ==漏洞利用== </translate> <transla...")
14:24, 8 July 2021 ‎CVE-2020-10199 Nexus Repository Manger group 後台遠程命令執行漏洞 (hist | edit) ‎[5,720 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<languages /> <translate> ==漏洞影響==  </translate> <pre> Nexus < 3.21.1 </pre> ==FOFA== <pre> app="Nexus-Repository-Manager" </pre> <translate> ==前提條件...")
14:21, 8 July 2021 ‎CVE-2020-11444 Nexus Repository Manger change-password 低權限修改管理員密碼漏洞 (hist | edit) ‎[1,007 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<languages /> <translate> ==漏洞影響== </translate> <pre> Nexus 3.x OSS / Pro <= 3.21.1 </pre> <translate> ==前提條件== </translate> <translate> 需要任意賬戶權...")
14:02, 8 July 2021 ‎Online Covid Vaccination Scheduler System 1.0 SQL注入漏洞 (hist | edit) ‎[2,023 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<pre> # Exploit Title: Online Covid Vaccination Scheduler System 1.0 - 'username' time-based blind SQL Injection # Date: 2021-07-07 # Exploit Author: faisalfs10x (https://gith...")
17:56, 7 July 2021 ‎极致CMS 遠程命令執行漏洞/zh-cn (hist | edit) ‎[2,304 bytes] ‎Pwnwiki (talk | contribs) (Created page with "==前提条件==")
17:54, 7 July 2021 ‎极致CMS 遠程命令執行漏洞 (hist | edit) ‎[2,592 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<languages /> <translate> ==漏洞信息== </translate> <translate> 該漏洞首發於奇安信攻防社區，原文在<small>[https://forum.butian.net/share/232 這裏]</smal...")
10:59, 7 July 2021 ‎Phone Shop Sales Managements System 1.0 身份驗證繞過漏洞 (hist | edit) ‎[1,135 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<pre> # Exploit Title: Phone Shop Sales Managements System 1.0 - Authentication Bypass (SQLi) # Date: 2021-07-06 # Exploit Author: faisalfs10x (https://github.com/faisalfs10x)...")
10:58, 7 July 2021 ‎Phone Shop Sales Managements System 1.0 遠程代碼執行漏洞 (hist | edit) ‎[4,563 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<pre> # Exploit Title: Phone Shop Sales Managements System 1.0 - 'Multiple' Arbitrary File Upload to Remote Code Execution # Date: 2021-07-06 # Exploit Author: faisalfs10x (ht...")
10:57, 7 July 2021 ‎WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 目錄遍歷漏洞 (hist | edit) ‎[495 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<pre> # Exploit Title: WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 - Directory Traversal # Date: 05.07.2021 # Exploit Author: TheSmuggler # Vendor H...")
10:56, 7 July 2021 ‎Visual Tools DVR VX16 4.2.28 本地權限提升漏洞 (hist | edit) ‎[427 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<pre> # Exploit Title: Visual Tools DVR VX16 4.2.28 - Local Privilege Escalation # Date: 2021-07-05 # Exploit Author: Andrea D'Ubaldo # Vendor Homepage: https://visual-tools.c...")
10:56, 7 July 2021 ‎Exam Hall Management System 1.0 無限制文件上傳漏洞 (hist | edit) ‎[4,710 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<pre> # Exploit Title: Exam Hall Management System 1.0 - Unrestricted File Upload (Unauthenticated) # Date: 06/07/2021 # Exploit Author: Thamer Almohammadi (@Thamerz88) # Vend...")
10:53, 7 July 2021 ‎Billing System Project 1.0 遠程命令執行漏洞 (hist | edit) ‎[2,653 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<pre> # Exploit Title: Billing System Project 1.0 - Remote Code Execution (RCE) (Unauthenticated) # Date: 06.07.2021 # Exploit Author: Talha DEMİRSOY # Software Link: https:/...")
10:51, 7 July 2021 ‎CVE-2019-14322 Pallets Werkzeug 0.15.4 目錄遍歷漏洞 (hist | edit) ‎[4,483 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<pre> # Exploit Title: Pallets Werkzeug 0.15.4 - Path Traversal # Date: 06 July 2021 # Original Author: Emre ÖVÜNÇ # Exploit Author: faisalfs10x (https://github.com/faisalf...")
10:50, 7 July 2021 ‎Black Box Kvm Extender 3.4.31307 本地文件包含漏洞 (hist | edit) ‎[828 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<pre> # Exploit Title: Black Box Kvm Extender 3.4.31307 - Local File Inclusion # Date: 05.07.2021 # Exploit Author: Ferhat Çil # Vendor Homepage: http://www.blackbox.com/ # S...")
10:48, 7 July 2021 ‎Netgear DGN2200v1 遠程命令執行漏洞 (hist | edit) ‎[2,307 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<pre> # Exploit Title: Netgear DGN2200v1 - Remote Command Execution (RCE) (Unauthenticated) # Date: 02.07.2021 # Exploit Author: SivertPL # Vendor Homepage: https://www.netgea...")
10:47, 7 July 2021 ‎Visual Tools DVR VX16 4.2.28.0 命令注入漏洞 (hist | edit) ‎[528 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<pre> # Exploit Title: Visual Tools DVR VX16 4.2.28.0 - OS Command Injection (Unauthenticated) # Date: 2021-07-05 # Exploit Author: Andrea D'Ubaldo # Vendor Homepage: https://...")
10:46, 7 July 2021 ‎Perfexcrm 1.10 XSS漏洞 (hist | edit) ‎[2,467 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<pre> # Exploit Title: perfexcrm 1.10 - 'State' Stored Cross-site scripting (XSS) # Date: 05/07/2021 # Exploit Author: Alhasan Abbas (exploit.msf) # Vendor Homepage: https://w...")
10:45, 7 July 2021 ‎Ricon Industrial Cellular Router S9922XL 遠程代碼執行漏洞 (hist | edit) ‎[2,623 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<pre> # Exploit Title: Ricon Industrial Cellular Router S9922XL - Remote Command Execution (RCE) # Date: 02.07.2021 # Exploit Author: LiquidWorm # Vendor Homepage: https://ww...")
09:01, 6 July 2021 ‎Online Birth Certificate System 1.1 XSS漏洞 (hist | edit) ‎[918 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<pre> # Exploit Title: Online Birth Certificate System 1.1 - 'Multiple' Stored Cross-Site Scripting (XSS) # Date: 03 July 2021 # Exploit Author: Subhadip Nag # Author Linkedi...")
09:01, 6 July 2021 ‎Church Management System 1.0 任意文件上傳&遠程代碼執行漏洞 (hist | edit) ‎[2,044 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<pre> # Exploit Title: Church Management System 1.0 - Unrestricted File Upload to Remote Code Execution (Authenticated) # Date: 07/03/2021 # Exploit Author: Murat DEMIRCI (@bu...")
09:00, 6 July 2021 ‎Church Management System 1.0 - 'Multiple' XSS漏洞 (hist | edit) ‎[1,149 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<pre> # Exploit Title: Church Management System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS) # Date: 07/03/2021 # Exploit Author: Murat DEMIRCI (@butterflyhunt3r) # Vend...")
08:59, 6 July 2021 ‎Church Management System 1.0 - 'password' SQL注入漏洞 (hist | edit) ‎[1,390 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<pre> # Exploit Title: Church Management System 1.0 - 'password' SQL Injection (Authentication Bypass) # Date: 07/03/2021 # Exploit Author: Murat DEMIRCI (@butterflyhunt3r) #...")
08:56, 6 July 2021 ‎CVE-2021-24155 Wordpress Plugin Backup Guard 1.5.8 遠程代碼執行漏洞 (hist | edit) ‎[23,972 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<languages /> <translate> ==影響版本== </translate> <pre> Version: Before 1.6.0 </pre> ==EXP== <pre> # Exploit Title: Wordpress Plugin Backup Guard 1.5.8 - Remote Code Ex...")
08:54, 6 July 2021 ‎Simple Client Management System 1.0 遠程代碼執行漏洞 (hist | edit) ‎[3,090 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<pre> # Exploit Title: Simple Client Management System 1.0 - Remote Code Execution (RCE) # Date: July 4, 2021 # Exploit Author: Ishan Saha # Vendor Homepage: https://www.sourc...")
08:52, 6 July 2021 ‎Online Voting System 1.0 - SQLi（身份驗證繞過）+ RCE漏洞 (hist | edit) ‎[2,610 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<pre> # Exploit Title: Ricon Industrial Cellular Router S9922XL - Remote Command Execution (RCE) # Date: 02.07.2021 # Exploit Author: LiquidWorm # Vendor Homepage: https://ww...")
08:50, 6 July 2021 ‎WordPress Plugin WP Learn Manager 1.1.2 XSS漏洞 (hist | edit) ‎[1,353 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<pre> # Exploit Title: WordPress Plugin WP Learn Manager 1.1.2 - Stored Cross-Site Scripting (XSS) # Date: July 2, 2021 # Exploit Author: Mohammed Adam # Vendor Homepage: htt...")
18:26, 5 July 2021 ‎指導方針/en (hist | edit) ‎[4,096 bytes] ‎Pwnwiki (talk | contribs) (Created page with "Users generally <strong>should follow</strong> this policy.")
18:22, 5 July 2021 ‎指導方針/zh-cn (hist | edit) ‎[3,715 bytes] ‎Pwnwiki (talk | contribs) (Created page with "本页是PwnWiki的方针，经社群商议并采纳。")
18:20, 5 July 2021 ‎指導方針 (hist | edit) ‎[4,231 bytes] ‎Pwnwiki (talk | contribs) (Created page with "<center> {| style="border: 2.0px solid grey; background: #f0f8ff;" width="85%" | align="center" width="60px"| link=|55px | align="center" |'''<translate>本...")
17:50, 5 July 2021 ‎金和OA C6 後台越權敏感文件遍歷漏洞 0day/zh-cn (hist | edit) ‎[3,272 bytes] ‎Xc1ym (talk | contribs) (Created page with "==漏洞影响==")
17:25, 5 July 2021 ‎NavBoxTest (hist | edit) ‎[0 bytes] ‎Pwnwiki (talk | contribs) (Created page with "{{Navbox |listclass=hlist |name = {{subst:PAGENAME}} |title = 多媒体超级走廊（马来西亚）{{brClear}}''不带图片'' |group1 = 中心 | list1 = 赛柏再...")
17:11, 5 July 2021 ‎騎士CMS模版註入 &文件包含getshell漏洞/zh-cn (hist | edit) ‎[1,021 bytes] ‎Xc1ym (talk | contribs) (Created page with "骑士CMS模板注入 &文件包含getshell漏洞")
16:42, 5 July 2021 ‎通達OA11.7 利用/zh-cn (hist | edit) ‎[5,565 bytes] ‎Xc1ym (talk | contribs) (Created page with "==漏洞利用== 通达OA任意用户登录条件需要管理员在线")
16:38, 5 July 2021 ‎齊治堡壘機前台遠程命令執行漏洞/zh-cn (hist | edit) ‎[490 bytes] ‎Xc1ym (talk | contribs) (Created page with "==漏洞影响==")

(newest | oldest) View (newer 50 | older 50) (20 | 50 | 100 | 250 | 500)

Anonymous

Search

New pages

Namespaces

More

Page actions

Navigation

Navigation

Community

PwnWiki.org

Wiki tools

Wiki tools

Anonymous

Search

New pages

Navigation

Wiki tools

Page tools