Article directory
- foreword
-
- 0x01 Sxf-report system: the version is limited
- 0x02 SQL injection vulnerability of a certain version of E-Cology:
- 0x03 Vulnerability added by any user of xmlrpc.sock, an operation and maintenance audit and risk control system of Hengming Yu
- 0x04 POC of SQL injection vulnerability in a certain version of Fanwei E-Cology:
- 0x05 Jinhe OA C6-GetSqlData.aspx RCE command execution vulnerability: (confirmed)
- 0x06 Dahua Smart Park integrated management platform searchJson SQL injection vulnerability:
- 0x07 Vulnerability in uploading files on the integrated management platform of Dahua Smart Park:
- 0x08 UFIDA KSOA PayBill SQL injection vulnerability:
- 0x09 Any user login vulnerability of NSFOCUS SAS bastion machine local_user.php:
- 0x10 Anheng honeypot 2.0.11 privilege escalation vulnerability:
- 0x11 NSFOCUS SAS bastion machine Exec remote command execution vulnerability POC: