- Slack Golang C2 10-03
- Metinfo7 后台注入及一些tips 09-28
- Laravel v5.8.x Pop Chain 08-22
- zzzphp 远程代码执行审计 08-21
- Discuz Ml v3.x 代码执行分析 07-11
- 代码执行/命令执行总结 04-10
- 指点天下Python签到脚本 12-23
- SmarterStats 基于gRPC的RCE 06-29
- 使用C#开发IIS模块后门 03-26
- 使用C#进行直接系统调用syscall 03-11
- C#免杀之自实现DNS服务器传输shellcode 01-14
- Real Wolrd CTF Old System New Getter Jndi Gadget 01-14
- 每日一问:记一次命令注入RCE 07-10
- 广东强网杯两道Web Writeup 09-12
- 一道题引发的无列名注入 08-22
- PHP变量覆盖总结 05-09
- ISCC 2019部分writeup 05-01
- CVE-2022-21445 Oracle ADF Faces 反序列化RCE 06-29
- CVE-2022-26134 Confluence Server Data Center OGNL RCE 06-08
- CVE-2022-22972 VMware Workspace ONE Access Authentication Bypass RCE 05-27
- CVE-2022-26503 Veeam Agent for Microsoft Windows LPE 03-22
- CVE-2022-26500 Veeam Backup & Replication RCE 03-17
- CVE-2022-22947 SpringCloud GateWay SPEL RCE Echo Response 03-03
- CVE-2022-23131 Zabbix Web Frontend Bypassing the SAML SSO Authentication 02-22
- CVE-2022-22733 Apache ShardingSphere ElasticJob-UI RCE 01-21
- CVE-2021-45456 Apache Kylin 命令注入 01-13
- CVE-2021-45232 Apache APISIX Dashboard Unauthorized Access Vulnerability 12-28
- CVE-2021-44077 Zoho ManageEngine ServiceDesk Plus Pre-Auth RCE 12-07
- CVE-2021-21234 Spring Boot Actuator Logview Directory Traversal 12-01
- Apache Storm两个未授权CVE 11-01
- CVE-2021-35218 SolarWinds PM Chart端点RCE 10-29
- CVE-2021-35216 SolarWinds PM EditTopXX.aspx RCE 10-23
- CVE-2021-35217 SolarWinds PM WSAsyncExecuteTasks RCE 10-23
- CVE-2021-35215 SolarWinds ActionPluginBaseView RCE 10-23
- CVE-2021-22941 Citrix ShareFile Storage RCE 10-20
- WebLogic CVE-2020-14756 T3/IIOP 反序列化RCE 01-27
- WebLogic CVE-2021-2109 JNDI RCE 01-27