CVE-2023-6294: popup-builder <= 4.2.6 Admin+ SSRF & File Read In this blog post I'll describe the detai... 2024-1-31 19:0:27 | 阅读: 23 | 收藏 | Sebastian Neef - 0day.work - 0day.work php fileurl popup wordpress

CVE-2023-6295: so-widgets-bundle < 1.51.0 - Admin+ Local File Inclusion In this blog post I'll describe the detai... 2023-12-13 01:32:32 | 阅读: 11 | 收藏 | Sebastian Neef - 0day.work - 0day.work widget php widgets wp network

Measuring a Tor Hidden Service's idle Traffic A month ago, I wondered myself how much t... 2020-11-19 08:12:30 | 阅读: 119 | 收藏 | 0day.work network connmark 0x539 circuits eth0

BalCCon2k20 CTF: Let Me See And Dawsonite Writeups Last weekend, I had the time to play the... 2020-09-29 02:23:08 | 阅读: 120 | 收藏 | 0day.work dawsonite etag amazonaws

Credentials hiding in plain sight or how I pwned your http auth In this blog post I will go over the litt... 2020-07-06 02:23:17 | 阅读: 73 | 收藏 | 0day.work datasets mailto rtmp username rtsp

Damn Vulnerable Bash Web Server This won't be a long blog post, just a li... 2020-02-28 06:09:38 | 阅读: 49 | 收藏 | 0day.work damn enowars shittr github

Files on web servers Part I: History Files In part I of the blog series, we will go... 2020-01-21 03:27:53 | 阅读: 42 | 收藏 | 0day.work hsts lesshst identify database python

Pwning your (web)server and network the easy way - or why exposing ~/.ssh/ is a bad idea Last year I did some research on how an e... 2020-01-17 04:37:15 | 阅读: 57 | 收藏 | 0day.work ssh attacker client keypair passphrase

InfiniteWP Client < 1.9.4.5 - Authentication Bypass I was browsing wpvulndb.com when I stumbl... 2020-01-15 17:04:55 | 阅读: 59 | 收藏 | 0day.work iwp mmb wordpress php

X-MAS CTF: Roboworld This is my quick & dirty write up for the... 2019-12-29 01:19:40 | 阅读: 63 | 收藏 | 0day.work privatekey captcha ro challs

Open Redirects In Improperly Configured mod_rewrite Rules (PoC for CVE-2019-10098?) I recently came across the following Apac... 2019-10-29 10:03:35 | 阅读: 50 | 收藏 | 0day.work evilwebsite rewriterule 8859 10098

Proof of Concept for "Wordpress <=5.2.3: viewing unauthenticated posts" (CVE-2019-17671) A couple of days Wordpress released 5.2.4... 2019-10-21 00:52:00 | 阅读: 76 | 收藏 | 0day.work wp wordpress draft security attachment

Proof of Concept for "Apache Httpd Limited cross-site scripting in mod_proxy error page (CVE-2019-10092)" A few days ago, I came across the Apache... 2019-10-19 12:58:38 | 阅读: 48 | 收藏 | 0day.work proxy serverfault 502 remote security

Jinja2 template injection filter bypasses The blogpost is a follow-up to my last post ab... 2019-09-09 05:01:18 | 阅读: 121 | 收藏 | 0day.work blacklist usc payload bypass blacklists

CVE-2019-11360: BufferOverflow in iptables-restore v1.8.2 This blogpost is about a BufferOverflow v... 2019-07-11 19:33:07 | 阅读: 49 | 收藏 | 0day.work curchar quote parsestart escaped xshared

Downloading SSH Keys via DNS | Sebastian Neef - 0day.work I recently came across a situation where... 2019-06-15 22:23:32 | 阅读: 84 | 收藏 | 0day.work ssh sha256sum neef dnskey lagtop

Parsing the .DS_Store file format | Sebastian Neef - 0day.work About two years ago I came across a .DS_S... 2019-06-15 22:17:28 | 阅读: 107 | 收藏 | 0day.work offsets traverse 0x00000045 integers deny

An example why NAT is NOT security | Sebastian Neef - 0day.work Sometimes I hear that network address tra... 2019-06-15 22:16:20 | 阅读: 113 | 收藏 | 0day.work victim network attacker 55385 eth1

A crash in unsquashfs This will be my very first 0day release o... 2019-06-06 03:15:37 | 阅读: 39 | 收藏 | 0day.work squashfs unsquashfs crash comp havoc

CVE-2019-6726: Arbitrary File Deletion in WP fastest Cache <= 0.8.9.0 In this blogpost I will explain the detai... 2019-03-09 17:25:07 | 阅读: 45 | 收藏 | 0day.work wp wordpress postratings php burp0