所有文章 - Y4er的博客

所有文章

2022

CVE-2022-23131 Zabbix Web Frontend Bypassing the SAML SSO Authentication 02-22

CVE-2021-44521 Apache Cassandra 加载UDF RCE 02-12

CVE-2021-42631 PrinterLogic Web Stack unserialize RCE 01-28

CVE-2022-22733 Apache ShardingSphere ElasticJob-UI RCE 01-21

dotnet 反序列化的另外几个gadget 01-21

CVE-2021-45456 Apache Kylin 命令注入 01-13

MeterSphere PluginController Pre-Auth RCE 01-07

2021

CVE-2021-45232 Apache APISIX Dashboard Unauthorized Access Vulnerability 12-28

CVE-2021-44077 Zoho ManageEngine ServiceDesk Plus Pre-Auth RCE 12-07

CVE-2021-34992 Orckestra C1 CMS Deserialization RCE 12-04

CVE-2021-21234 Spring Boot Actuator Logview Directory Traversal 12-01

CommVault Command Center Pre-Auth Rce 11-25

Apache Storm两个未授权CVE 11-01

CVE-2021-35218 SolarWinds PM Chart端点RCE 10-29

CVE-2021-35216 SolarWinds PM EditTopXX.aspx RCE 10-23

CVE-2021-35217 SolarWinds PM WSAsyncExecuteTasks RCE 10-23

CVE-2021-35215 SolarWinds ActionPluginBaseView RCE 10-23

利用本地Factory绕过jdk高版本限制进行jndi注入 10-20

CVE-2021-22941 Citrix ShareFile Storage RCE 10-20

asp.net无法getshell的一些解决办法 06-28

1
2
3
4
5
10