res | PwnWiki

华夏ERP授权绕过漏洞（二）

免费、自由、人人可编辑的漏洞库--PwnWiki.com , FOFA title="华夏ERP" POC import sys,requests def main(ip): url = "{ip}/user/login/../../use ...

阅读全文
华夏ERP授权绕过漏洞

免费、自由、人人可编辑的漏洞库 , POC python3 poc.py http://ip:port import sys,requests def main(ip): url = "{ip}/a.css/../user/getUserL ...

阅读全文
华夏ERP命令执行漏洞

PWNWIK.COM , POC import socket,sys,re def SendGet(res,ip,port): request = re.sub('\r\n','\r\n',res) port = int(port) soc ...

阅读全文
泛微OA WorkflowCenterTreeData接口注入（仅限oracle数据库）/zh-hant

免费、自由、人人(PwnWiki.Com)可编辑的漏洞库 , EXP POST /mobile/browser/WorkflowCenterTreeData.jsp?node=wftype_1&scope=2333 HTTP/1.1 ...

阅读全文
泛微OA WorkflowCenterTreeData接口注入（仅限oracle数据库）

PWNWIK.COM , EXP POST /mobile/browser/WorkflowCenterTreeData.jsp?node=wftype_1&scope=2333 HTTP/1.1 Host: ip:port Cac ...

阅读全文
Solarwinds Storage Manager 5.1.0 SQL注入漏洞

免费、自由、人人可编辑的漏洞库--pwnwiki.com , EXP ## # This file is part of the Metasploit Framework and may be subject to # redistribu ...

阅读全文
Lightweight facebook-styled blog 1.3 远程代码执行漏洞

PWNWIK.COM , ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/ ...

阅读全文
Hasura GraphQL 1.3.3 SSRF漏洞

pwnwiki.com , EXP # Exploit Title: Hasura GraphQL 1.3.3 - Service Side Request Forgery (SSRF) # Software: Hasura GraphQL ...

阅读全文
Hashicorp Consul Services API 远程代码执行漏洞

免费、自由、人人(PwnWiki.Com)可编辑的漏洞库 , EXP ## # This module requires Metasploit: https://metasploit.com/download # Current sourc ...

阅读全文
Hashicorp Consul Rexec远程命令执行漏洞

PWNWIK.COM==免费、自由、人人可编辑的漏洞库 , EXP ## # This module requires Metasploit: https://metasploit.com/download # Current source ...

阅读全文

1 of 512 3 4 5 »