-
I'm currently evaluating different file upload solutions for Rails and as far as I can tell Dragonfly solely [relies](https://github.com/markevans/dragonfly/blob/b681ce2e44139aa7632c5331dc5601530b23d8…
-
Installing 'ActiveMQ_RCE_Pro_Max' (1.0.3) [64bit] from 'sec' bucket
Starting download with aria2 ...
Download: Download Results:
Download: gid |stat|avg speed |path/URI
Download: ======+====+==…
-
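When scanning a Spring application for vulnerabilities with the xray crawler, I found that the original Accept header is not sent, which causes the page type to be displayed incorrectly, so the vulnerability cannot be detected.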
`xray webscan --plugins cmd-injection,sqldet --browser-crawler http://127.0.0.1:8090/springboot-spel-rce/`
The original request captured by the crawler is:
```
GE…
```
-
Batch-importing URLs for scanning with -f: entering the command has no effect
-
Both the CNA and ADP containers include a `source` attribute that is defined as:
```
"source": {
"type": "object",
"description": "This is the source information (who discovered it, who
…
```
-
## CVE-2022-22965 - High Severity Vulnerability
Vulnerable Library - spring-beans-5.3.0.jar
Spring Beans
Library home page: https://github.com/spring-projects/spring-framework
Path to dependency fil…
-
atom-elixir@master starts a TCP server that listens on all interfaces and evals code without authenticating the user. Anyone on the network can use this to execute arbitrary code with the privileges …
-
Hello @klezVirus, thanks for your work and your tools!
How to build follina doc without hosting, just with command/payload file (ps1, raw, txt..)?
#maybe it can be useful https://github.com/komomon…
-
# Microsoft Security Advisory CVE-2023-33128: .NET Remote Code Execution Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerabi…