unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
CVE-2023-6294: popup-builder <= 4.2.6 Admin+ SSRF & File Read
In this blog post I'll describe the detai...
2024-1-31 19:0:27 | 阅读: 23 |
收藏
|
Sebastian Neef - 0day.work - 0day.work
php
fileurl
popup
wordpress
CVE-2023-6295: so-widgets-bundle < 1.51.0 - Admin+ Local File Inclusion
In this blog post I'll describe the detai...
2023-12-13 01:32:32 | 阅读: 11 |
收藏
|
Sebastian Neef - 0day.work - 0day.work
widget
php
widgets
wp
network
Measuring a Tor Hidden Service's idle Traffic
A month ago, I wondered myself how much t...
2020-11-19 08:12:30 | 阅读: 119 |
收藏
|
0day.work
network
connmark
0x539
circuits
eth0
BalCCon2k20 CTF: Let Me See And Dawsonite Writeups
Last weekend, I had the time to play the...
2020-09-29 02:23:08 | 阅读: 120 |
收藏
|
0day.work
dawsonite
etag
amazonaws
Credentials hiding in plain sight or how I pwned your http auth
In this blog post I will go over the litt...
2020-07-06 02:23:17 | 阅读: 73 |
收藏
|
0day.work
datasets
mailto
rtmp
username
rtsp
Damn Vulnerable Bash Web Server
This won't be a long blog post, just a li...
2020-02-28 06:09:38 | 阅读: 49 |
收藏
|
0day.work
damn
enowars
shittr
github
Files on web servers Part I: History Files
In part I of the blog series, we will go...
2020-01-21 03:27:53 | 阅读: 42 |
收藏
|
0day.work
hsts
lesshst
identify
database
python
Pwning your (web)server and network the easy way - or why exposing ~/.ssh/ is a bad idea
Last year I did some research on how an e...
2020-01-17 04:37:15 | 阅读: 57 |
收藏
|
0day.work
ssh
attacker
client
keypair
passphrase
InfiniteWP Client < 1.9.4.5 - Authentication Bypass
I was browsing wpvulndb.com when I stumbl...
2020-01-15 17:04:55 | 阅读: 59 |
收藏
|
0day.work
iwp
mmb
wordpress
php
X-MAS CTF: Roboworld
This is my quick & dirty write up for the...
2019-12-29 01:19:40 | 阅读: 63 |
收藏
|
0day.work
privatekey
captcha
ro
challs
Open Redirects In Improperly Configured mod_rewrite Rules (PoC for CVE-2019-10098?)
I recently came across the following Apac...
2019-10-29 10:03:35 | 阅读: 50 |
收藏
|
0day.work
evilwebsite
rewriterule
8859
10098
Proof of Concept for "Wordpress <=5.2.3: viewing unauthenticated posts" (CVE-2019-17671)
A couple of days Wordpress released 5.2.4...
2019-10-21 00:52:00 | 阅读: 76 |
收藏
|
0day.work
wp
wordpress
draft
security
attachment
Proof of Concept for "Apache Httpd Limited cross-site scripting in mod_proxy error page (CVE-2019-10092)"
A few days ago, I came across the Apache...
2019-10-19 12:58:38 | 阅读: 48 |
收藏
|
0day.work
proxy
serverfault
502
remote
security
Jinja2 template injection filter bypasses
The blogpost is a follow-up to my last post ab...
2019-09-09 05:01:18 | 阅读: 121 |
收藏
|
0day.work
blacklist
usc
payload
bypass
blacklists
CVE-2019-11360: BufferOverflow in iptables-restore v1.8.2
This blogpost is about a BufferOverflow v...
2019-07-11 19:33:07 | 阅读: 49 |
收藏
|
0day.work
curchar
quote
parsestart
escaped
xshared
Downloading SSH Keys via DNS | Sebastian Neef - 0day.work
I recently came across a situation where...
2019-06-15 22:23:32 | 阅读: 84 |
收藏
|
0day.work
ssh
sha256sum
neef
dnskey
lagtop
Parsing the .DS_Store file format | Sebastian Neef - 0day.work
About two years ago I came across a .DS_S...
2019-06-15 22:17:28 | 阅读: 107 |
收藏
|
0day.work
offsets
traverse
0x00000045
integers
deny
An example why NAT is NOT security | Sebastian Neef - 0day.work
Sometimes I hear that network address tra...
2019-06-15 22:16:20 | 阅读: 113 |
收藏
|
0day.work
victim
network
attacker
55385
eth1
A crash in unsquashfs
This will be my very first 0day release o...
2019-06-06 03:15:37 | 阅读: 39 |
收藏
|
0day.work
squashfs
unsquashfs
crash
comp
havoc
CVE-2019-6726: Arbitrary File Deletion in WP fastest Cache <= 0.8.9.0
In this blogpost I will explain the detai...
2019-03-09 17:25:07 | 阅读: 45 |
收藏
|
0day.work
wp
wordpress
postratings
php
burp0
Previous
-10
-9
-8
-7
-6
-5
-4
-3
Next