m5k1umn 发表于 2024-10-3 07:06:46

2023HW-Day1 nday信息推送


    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">2023HW-Day nday集合</strong></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">1、海康威视综合安防前台文件上传漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">2、蓝凌OA前台代码执行漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">3、致远M3Server-xxxx反序列化漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">4、致远A8V8SP1SP2文件上传漏洞(1dav)</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">5、普元EOS 前台代码执行漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">6、金和OA sql注入</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">7、泛微E-Mobile任意用户登录(1day)</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">8、泛微E-Office10信息<span style="color: black;">泄密</span>后台+后台文件上传漏洞(Oday)很牛的组合漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">9、契约锁电子签章系统RCE(1day)</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">十、</span>亿赛通电子文档平台文件上传漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">11、ldocview命令执行漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">12、jeesite代码执行漏洞Oday</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">13、LiveBOS文件上传漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">14、用友nc-cloud-任意文件写入</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">15、qax VPN 0day</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">16、xxIOA PWN</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">17、xxx准入PWN</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">18、sxf应用交付系统命令执行</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">19、协同办公文档(DzzOfffice)未授权<span style="color: black;">拜访</span></span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">20、电子签章平台代码执行漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">21、泛微oa进后台漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">22、ucloud的未授权获取任意用户cookie</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">23、飞书客户端RCE漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">24、泛微EofficeV10前台RCE</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">25、来客推商城任意文件上传</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">26、天玥堡垒机Oday</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">27、明御运维审计与<span style="color: black;">危害</span><span style="color: black;">掌控</span>系统堡垒机任意用户注册</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">28、协同管理系统存在SQL注入</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">29、泛微emobile注入漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">30、拓尔思WCM任意命令执行漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">31、用友财务云任意文件上传漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">32、天眼0day(未证实)</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">32、绿盟sas安全审计系统任意文件读取</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">33、Smartbi身份认证绕过漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">34、泛微Eoffice10 sql注入</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">35、海康综合安防平台-Spring-ENV信息<span style="color: black;">泄密</span>-Restful api默认密钥漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">36、宏景4个注入2个上传</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">37、红帆OA一堆0day</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">38、泛微E-office do_excel组件存在任意文件写入漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">39、某御 Leadsec ACM管理平台SQL注入漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">40、H3C CVM 前台任意文件上传漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">41、通达OA登录认证绕过漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">42、TRS-MAS 测试文件远程命令执行漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">43、宝塔前台远程代码执行漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">44、某恒数据大脑 API 网关任意<span style="color: black;">秘码</span>重置漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">45、通达OA系统V11.x版本远程代码执行漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">46、华天动力OA系统前台任意文件上传漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">47、PbootCMS v3.1.2 远程命令执行漏洞</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">数据<span style="color: black;">源自</span>互联网,真实性有待分析</strong></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;"><span style="color: black;">都看到这了,点个关注获取<span style="color: black;">更加多</span></span></span></strong></span></strong></span></span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_gif/Ljib4So7yuWgG3xFsQDtWATJ58gNIrtdqydLHxOPYo1NzNm55nAia6ueU87C0IRwHDWooERFI5GwK3RYnjofpbrQ/640?wx_fmt=gif&amp;wxfrom=5&amp;wx_lazy=1&amp;tp=webp" style="width: 50%; margin-bottom: 20px;"></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_gif/Ljib4So7yuWgG3xFsQDtWATJ58gNIrtdqydLHxOPYo1NzNm55nAia6ueU87C0IRwHDWooERFI5GwK3RYnjofpbrQ/640?wx_fmt=gif&amp;wxfrom=5&amp;wx_lazy=1&amp;tp=webp" style="width: 50%; margin-bottom: 20px;"></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">关注获取<span style="color: black;">更加多</span></span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">同期</span>欢迎各位加入交流群进行交流讨论,有其他<span style="color: black;">需要</span><span style="color: black;">或</span>寻求<span style="color: black;">帮忙</span>的<span style="color: black;">能够</span>在群里进行讨论交流,群里<span style="color: black;">亦</span>会分享<span style="color: black;">有些</span>工具和教程,添加时请<span style="color: black;">按照</span>您的来意<span style="color: black;">备注<span style="color: black;">安全从业</span></span>或<span style="color: black;">软件资源交流</span><span style="color: black;">[</span><span style="color: black;">不会</span><span style="color: black;"><span style="color: black;">推送安全<span style="color: black;">关联</span>资源</span>], 会<span style="color: black;">按照</span><span style="color: black;">区别</span>的备注分别加入<span style="color: black;">区别</span>群(记得备注)</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><img src="https://mmbiz.qpic.cn/mmbiz_png/0YfDibTv8huh0iaJxCIUbibHKhPEre8yhWC98z3kQ1iaKw8neVADFap70VOoyvOzDm5ok4zH2NyPJNAEjZcl5xhcKA/640?wx_fmt=png&amp;wxfrom=5&amp;wx_lazy=1&amp;wx_co=1&amp;tp=webp" style="width: 50%; margin-bottom: 20px;"></span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">非安全NoTSEC</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">往期<span style="color: black;">举荐</span></p><a style="color: black;">
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">【安全神器】一款红队/渗透测试<span style="color: black;">隐匿</span>痕迹的工具</p>
    </a><a style="color: black;">
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">微X</span>多开,还能防撤回,自动抢红包?这个工具太强了吧!-信息差消除计划-004</p>
    </a>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><a style="color: black;">sql注入的绕过技巧bypass,<span style="color: black;">意见</span>收</a>藏</p>
    <a style="color: black;">
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">渗透测试利器BurpSuitePRO最新汉化破解版</p>
    </a><a style="color: black;">
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">平常</span>WebShell的流量特征及检测思路</p>
    </a><a style="color: black;">
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">手机号带来的溯源<span style="color: black;">办法</span>&amp;<span style="color: black;">有些</span>防护<span style="color: black;">意见</span></p>
    </a><a style="color: black;">
      <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">安全神器 | 一款功能强大的Java自动代码审计工具</p>
    </a>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><a style="color: black;">云渗透-云原生靶机实战:综合场景</a></p>分享<span style="color: black;">保藏</span>点赞在看




1fy07h 发表于 2024-10-16 00:20:58

感谢你的精彩评论,带给我新的思考角度。

4lqedz 发表于 2024-11-9 04:57:28

外链论坛的成功举办,是与各位领导、同仁们的关怀和支持分不开的。在此,我谨代表公司向关心和支持论坛的各界人士表示最衷心的感谢!
页: [1]
查看完整版本: 2023HW-Day1 nday信息推送