-
https://blog.csdn.net/2301_80127209/article/details/141397363
Showdoc反序列化漏洞复现
请问这个漏洞可以修补么?
-
**Code logic error causes file upload getshell**
Verify version:Thinkphp5.1.41/Thinkphp5.0.24
Install:composer create-project topthink/think tp 5.xxx
test version:Thinkphp5.1.41
If the user di…
-
at [CompositeInformationControl](https://github.com/eclipse-platform/eclipse.platform.ui/blob/master/bundles/org.eclipse.ui.genericeditor/src/org/eclipse/ui/internal/genericeditor/hover/CompositeInfo…
-
The cause of the vulnerability: When decompressing, the compressed files were not filtered and judged, which resulted in the possibility of uploading cross-directory zip files to getshell.
![image](h…
-
Testing environment: windows + php5.4.45 +apache (phpStudy Integrated environment)
CMS version: v4.8.54
1. Intercept a request of the home page. Change method to POST.
![image](https://github.co…
-
This version has background management can getshell
When you get the admin rights, we log in to the background.(Choose appearance)
![image](https://user-images.githubusercontent.com/48093301/5357…
-
using your example code
```php
$shellObj = \MTS\Factories::getDevices()->getRemoteHost('ip_address')->setConnectionDetail('username', 'password')->getShell();
```
results in
```
$ php index.…
-
thinkphp/library/think/App.php
```
public function routeCheck()
{
$path = $this->request->path();
$depr = $this->config('app.pathinfo_depr');
```
```
public function path(…
-
Testing environment: windows + php5.4.45 +apache (phpStudy Integrated environment)
CMS version: v4.8.54
1. Intercept a request of the home page. Change method to POST.
![image](https://github.com…
-
```
What steps will reproduce the problem?
1. Set up a pending intent in AlarmManager with XXX_WAKEUP flag in 10 seconds.
2. Let the phone sleep. (screen off)
3. Call getShell() in broadcast receiver …