User contributions

14:18, 31 May 2021 diff hist -1‎ CVE-2021-27890 MyBB後台論壇主題管理SQL注入漏洞/en ‎ Created page with "Click "Duplicate Theme", then capture the traffic, successfully implemented delayed injection (the injection will also exist in the export function)" current
14:18, 31 May 2021 diff hist +148‎ N Translations:CVE-2021-27890 MyBB後台論壇主題管理SQL注入漏洞/4/en ‎ Created page with "Click "Duplicate Theme", then capture the traffic, successfully implemented delayed injection (the injection will also exist in the export function)" current
14:15, 31 May 2021 diff hist +979‎ N CVE-2021-27890 MyBB後台論壇主題管理SQL注入漏洞/en ‎ Created page with "==Affected Versions=="
14:14, 31 May 2021 diff hist +65‎ N Translations:CVE-2021-27890 MyBB後台論壇主題管理SQL注入漏洞/3/en ‎ Created page with "Import the constructed malicious xml in the backend theme manager" current
14:13, 31 May 2021 diff hist +11‎ N Translations:CVE-2021-27890 MyBB後台論壇主題管理SQL注入漏洞/2/en ‎ Created page with "==Exploit==" current
14:13, 31 May 2021 diff hist +21‎ N Translations:CVE-2021-27890 MyBB後台論壇主題管理SQL注入漏洞/1/en ‎ Created page with "==Affected Versions==" current
14:12, 31 May 2021 diff hist +67‎ N Translations:CVE-2021-27890 MyBB後台論壇主題管理SQL注入漏洞/Page display title/en ‎ Created page with "CVE-2021-27890 SQL Injection vulnerablity in MyBB theme managerment" current
14:05, 31 May 2021 diff hist -59‎ CVE-2021-27890 MyBB後台論壇主題管理SQL注入漏洞/zh-cn ‎ Created page with "==影响版本==" current
14:04, 31 May 2021 diff hist +90‎ N Translations:CVE-2021-27890 MyBB後台論壇主題管理SQL注入漏洞/4/zh-cn ‎ Created page with "点击Duplicate Theme，抓包，成功延时注入（导出主题也会存在该注入）" current
14:04, 31 May 2021 diff hist -183‎ CVE-2021-27890 MyBB後台論壇主題管理SQL注入漏洞/zh-cn ‎ Created page with "在后台主题管理处导入构造的恶意xml"
14:04, 31 May 2021 diff hist +48‎ N Translations:CVE-2021-27890 MyBB後台論壇主題管理SQL注入漏洞/3/zh-cn ‎ Created page with "在后台主题管理处导入构造的恶意xml" current
14:03, 31 May 2021 diff hist +16‎ N Translations:CVE-2021-27890 MyBB後台論壇主題管理SQL注入漏洞/2/zh-cn ‎ Created page with "==漏洞利用==" current
14:03, 31 May 2021 diff hist +1,145‎ N CVE-2021-27890 MyBB後台論壇主題管理SQL注入漏洞/zh-cn ‎ Created page with "CVE-2021-27890 MyBB后台论坛主题管理SQL注入漏洞"
14:03, 31 May 2021 diff hist +16‎ N Translations:CVE-2021-27890 MyBB後台論壇主題管理SQL注入漏洞/1/zh-cn ‎ Created page with "==影响版本==" current
14:03, 31 May 2021 diff hist +58‎ N Translations:CVE-2021-27890 MyBB後台論壇主題管理SQL注入漏洞/Page display title/zh-cn ‎ Created page with "CVE-2021-27890 MyBB后台论坛主题管理SQL注入漏洞" current
10:22, 31 May 2021 diff hist -61‎ GitLab Graphql郵箱信息洩露漏洞 CNVD-2021-14193/zh-cn ‎ Created page with "==参考==" current
10:21, 31 May 2021 diff hist +10‎ N Translations:GitLab Graphql郵箱信息洩露漏洞 CNVD-2021-14193/8/zh-cn ‎ Created page with "==参考==" current
10:21, 31 May 2021 diff hist -62‎ GitLab Graphql郵箱信息洩露漏洞 CNVD-2021-14193/zh-cn ‎ Created page with "成功返回数据，造成Gitlab的用户邮箱信息泄露。"
10:21, 31 May 2021 diff hist +63‎ N Translations:GitLab Graphql郵箱信息洩露漏洞 CNVD-2021-14193/7/zh-cn ‎ Created page with "成功返回数据，造成Gitlab的用户邮箱信息泄露。" current
10:21, 31 May 2021 diff hist -59‎ GitLab Graphql郵箱信息洩露漏洞 CNVD-2021-14193/zh-cn ‎ Created page with "完整数据包为："
10:21, 31 May 2021 diff hist +21‎ N Translations:GitLab Graphql郵箱信息洩露漏洞 CNVD-2021-14193/6/zh-cn ‎ Created page with "完整数据包为：" current
10:21, 31 May 2021 diff hist -61‎ GitLab Graphql郵箱信息洩露漏洞 CNVD-2021-14193/zh-cn ‎ Created page with "发包调用了<code>/api/graphql</code>接口发送数据"
10:21, 31 May 2021 diff hist -61‎ GitLab Graphql郵箱信息洩露漏洞 CNVD-2021-14193/zh-cn ‎ Created page with "查看完报告后发现漏洞利用需要有账号用户名，在不知道的情况下无法取得邮箱，在Graphql官网查看得知可以通过另一个构造的语句一..."
10:21, 31 May 2021 diff hist +58‎ N Translations:GitLab Graphql郵箱信息洩露漏洞 CNVD-2021-14193/5/zh-cn ‎ Created page with "发包调用了<code>/api/graphql</code>接口发送数据" current
10:20, 31 May 2021 diff hist +214‎ N Translations:GitLab Graphql郵箱信息洩露漏洞 CNVD-2021-14193/4/zh-cn ‎ Created page with "查看完报告后发现漏洞利用需要有账号用户名，在不知道的情况下无法取得邮箱，在Graphql官网查看得知可以通过另一个构造的语句一..." current
10:20, 31 May 2021 diff hist -63‎ GitLab Graphql郵箱信息洩露漏洞 CNVD-2021-14193/zh-cn ‎ Created page with "Gitlab本身不允许获取账号邮箱信息，这里通过调用Graphql用户名查询造成了邮箱泄露漏洞"
10:19, 31 May 2021 diff hist +115‎ N Translations:GitLab Graphql郵箱信息洩露漏洞 CNVD-2021-14193/3/zh-cn ‎ Created page with "Gitlab本身不允许获取账号邮箱信息，这里通过调用Graphql用户名查询造成了邮箱泄露漏洞" current
10:18, 31 May 2021 diff hist +3,983‎ N GitLab Graphql郵箱信息洩露漏洞 CNVD-2021-14193/zh-cn ‎ Created page with "==漏洞利用== 请求URL:"
10:18, 31 May 2021 diff hist +27‎ N Translations:GitLab Graphql郵箱信息洩露漏洞 CNVD-2021-14193/2/zh-cn ‎ Created page with "==漏洞利用== 请求URL:" current
10:18, 31 May 2021 diff hist +16‎ N Translations:GitLab Graphql郵箱信息洩露漏洞 CNVD-2021-14193/1/zh-cn ‎ Created page with "==影响版本==" current
10:17, 31 May 2021 diff hist +54‎ N Translations:GitLab Graphql郵箱信息洩露漏洞 CNVD-2021-14193/Page display title/zh-cn ‎ Created page with "GitLab Graphql邮箱信息泄露漏洞 CNVD-2021-14193" current
10:13, 31 May 2021 diff hist +290‎ N CVE-2021-3449 OpenSSL拒絕服務漏洞/zh-cn ‎ Created page with "==漏洞信息==" current
10:13, 31 May 2021 diff hist +16‎ N Translations:CVE-2021-3449 OpenSSL拒絕服務漏洞/2/zh-cn ‎ Created page with "==漏洞信息==" current
10:13, 31 May 2021 diff hist +16‎ N Translations:CVE-2021-3449 OpenSSL拒絕服務漏洞/1/zh-cn ‎ Created page with "==漏洞影响==" current
10:13, 31 May 2021 diff hist +39‎ N Translations:CVE-2021-3449 OpenSSL拒絕服務漏洞/Page display title/zh-cn ‎ Created page with "CVE-2021-3449 OpenSSL拒绝服务漏洞" current
10:13, 31 May 2021 diff hist +153‎ N Translations:CVE-2021-3449 OpenSSL拒絕服務漏洞/3/zh-cn ‎ Created page with "openssl版本低于 1.1.1-k，默认配置下使用 openssl 的软件(包括 nginx 和 trojan-gfw 等)，恶意构造的请求可以让服务器崩溃。" current

Anonymous

Search

User contributions

Namespaces

More

Page actions

Navigation

Navigation

Community

PwnWiki.org

Wiki tools

Wiki tools

Anonymous

Search

User contributions

Navigation

Wiki tools

Page tools