Y4er的博客
归档 专栏 分类 标签 笔记 朋友 作品
Y4er的博客
取消
归档专栏分类标签笔记朋友作品

 代码审计

2022

MeterSphere PluginController Pre-Auth RCE 01-07

2021

CVE-2021-45232 Apache APISIX Dashboard Unauthorized Access Vulnerability 12-28
CVE-2021-44077 Zoho ManageEngine ServiceDesk Plus Pre-Auth RCE 12-07
CVE-2021-34992 Orckestra C1 CMS Deserialization RCE 12-04
CVE-2021-21234 Spring Boot Actuator Logview Directory Traversal 12-01
CommVault Command Center Pre-Auth Rce 11-25
Apache Storm两个未授权CVE 11-01
CVE-2021-35218 SolarWinds PM Chart端点RCE 10-29
CVE-2021-35216 SolarWinds PM EditTopXX.aspx RCE 10-23
CVE-2021-35217 SolarWinds PM WSAsyncExecuteTasks RCE 10-23
CVE-2021-35215 SolarWinds ActionPluginBaseView RCE 10-23
利用本地Factory绕过jdk高版本限制进行jndi注入 10-20
CVE-2021-22941 Citrix ShareFile Storage RCE 10-20
ysoserial AspectJWeaver file write gadget 02-21
WebLogic CVE-2020-14756 T3/IIOP 反序列化RCE 01-27
WebLogic CVE-2021-2109 JNDI RCE 01-27
Apache Flink CVE-2020-17518/17519 读写反序列化 01-20
Real Wolrd CTF Old System New Getter Jndi Gadget 01-14

2020

Java Agent实现反序列化注入内存shell 09-30
Weblogic CVE-2020-14645 07-20
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
由 Hugo 强力驱动 | 托管在 Cloudflare Pages 上 | 主题 - DoIt
2018 - 2023 Y4er | CC BY-NC 4.0