刚开工没两天，感觉整个人还未走出春节黑白颠倒的作息，身心无力。说的直白一点：不想干活。遂写点博客记录一下假期遇到的一件事情。     事情很简单，刷B站时偶见一副...

Here's something encrypted, password is required to continue reading.

StreamVault-system RCE vulnerability.

dpanel is an open source server management panel written in Go. In versions 1.2.0 through 1.7.2, dpanel allows authenticated users to read arbitrary files from the server via the /api/app/compose/get-from-uri API endpoint.

Fuint system SQL injection vulnerability.

Owl Admin system SQL injection vulnerability.

Users running Ratpanel versions v2.3.19 to v2.5.5—especially those who have exposed their admin panel login URL or use weak login URL paths—are vulnerable to unauthorized access. Additionally, versions v2.5.1 to v2.5.5 are susceptible to server and hosted machine takeover.

TangSengDaoDaoServer SSRF vulnerability

REBUILD system SQL injection vulnerability

upset-gal-web v7.1.0 system has an arbitrary file read vulnerability