diff --git a/ActiveMQ/CVE-2016-3088/README.md b/ActiveMQ/CVE-2016-3088/README.md index 9683d97..3eff32c 100644 --- a/ActiveMQ/CVE-2016-3088/README.md +++ b/ActiveMQ/CVE-2016-3088/README.md @@ -2,9 +2,9 @@ The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request. Therefore, we can write a file and then move it to any directory, thereby causing arbitrary file writing vulnerability. -Affected version: Apache ActiveMQ 5.x - 5.13.x +**Affected version**: Apache ActiveMQ 5.x - 5.13.x -FOFA query rule: app="Apache-ActiveMQ" +**[FOFA](https://fofa.so/result?qbase64=YXBwPSJBcGFjaGUtQWN0aXZlTVEi) query rule**: app="Apache-ActiveMQ" # Demo diff --git a/Drupal/CVE-2018-7600/README.md b/Drupal/CVE-2018-7600/README.md index 9873488..3655593 100644 --- a/Drupal/CVE-2018-7600/README.md +++ b/Drupal/CVE-2018-7600/README.md @@ -4,9 +4,9 @@ Drupal is an open source content management framework (CMF) written in PHP. It c Drupal had insufficient input sanitation on Form API (FAPI) AJAX requests. As a result, this enabled an attacker to potentially inject a malicious payload into the internal form structure. This would have caused Drupal to execute it without user authentication. By exploiting this vulnerability an attacker would have been able to carry out a full site takeover of any Drupal customer. -Affected version: Drupal 6 - 8 +**Affected version**: Drupal 6 - 8 -FOFA query rule: app="Drupal" +**[FOFA](https://fofa.so/result?qbase64=YXBwPSJEcnVwYWwi) query rule**: app="Drupal" # Demo diff --git a/Jenkins/CVE-2018-1000861/README.md b/Jenkins/CVE-2018-1000861/README.md index 099fafc..0fbd419 100644 --- a/Jenkins/CVE-2018-1000861/README.md +++ b/Jenkins/CVE-2018-1000861/README.md @@ -2,9 +2,9 @@ A code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java that allows attackers to invoke some methods on Java objects by accessing crafted URLs that were not intended to be invoked this way. -Affected version: 2.153 and earlier, LTS 2.138.3 and earlier +**Affected version**: 2.153 and earlier, LTS 2.138.3 and earlier -FOFA query rule: app="Jenkins" +**[FOFA](https://fofa.so/result?qbase64=YXBwPSJKZW5raW5zIg%3D%3D) query rule**: app="Jenkins" # Demo diff --git a/Struts2/S2-016(CVE-2013-2251)/README.md b/Struts2/S2-016(CVE-2013-2251)/README.md index f92e33c..3103e31 100644 --- a/Struts2/S2-016(CVE-2013-2251)/README.md +++ b/Struts2/S2-016(CVE-2013-2251)/README.md @@ -2,9 +2,9 @@ Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix. -Affected Version: Apache Struts2 2.0.0 - 2.3.15 +**Affected Version**: Apache Struts2 2.0.0 - 2.3.15 -FOFA query rule: app="Struts2" +**[FOFA](https://fofa.so/result?qbase64=YXBwPSJTdHJ1dHMyIg%3D%3D) query rule**: app="Struts2" # Demo diff --git a/Struts2/S2-046(CVE-2017-5638)/README.md b/Struts2/S2-046(CVE-2017-5638)/README.md index b8d7b5f..e2e021c 100644 --- a/Struts2/S2-046(CVE-2017-5638)/README.md +++ b/Struts2/S2-046(CVE-2017-5638)/README.md @@ -2,9 +2,9 @@ The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string. -Affected version: Apache Struts2 2.3.5 - 2.3.31 and 2.5.x - 2.5.10 +**Affected version**: Apache Struts2 2.3.5 - 2.3.31 and 2.5.x - 2.5.10 -FOFA query rule: app="Struts2" +**[FOFA](https://fofa.so/result?qbase64=YXBwPSJTdHJ1dHMyIg%3D%3D) query rule**: app="Struts2" # Demo diff --git a/ThinkPHP/ThinkPHP2.1_RCE/README.md b/ThinkPHP/ThinkPHP2.1_RCE/README.md index e1097f9..46c2894 100644 --- a/ThinkPHP/ThinkPHP2.1_RCE/README.md +++ b/ThinkPHP/ThinkPHP2.1_RCE/README.md @@ -10,9 +10,9 @@ $res = preg_replace('@(\w+)'.$depr.'([^'.$depr.'\/]+)@e', '$var[\'\\1\']="\\2";' 这是个非常危险的参数,如果用了这个参数,`preg_replace` 的第二个参数就会被当做 PHP 代码执行。 -影响版本:ThinkPHP 2.1 +**影响版本**:ThinkPHP 2.1 -FOFA 查询规则:app="ThinkPHP" +**[FOFA](https://fofa.so/result?qbase64=YXBwPSJUaGlua1BIUCI%3D) 查询规则**:app="ThinkPHP" # Demo diff --git a/ThinkPHP/ThinkPHP5_RCE/README.md b/ThinkPHP/ThinkPHP5_RCE/README.md index 72a9c4f..4c3e8ff 100644 --- a/ThinkPHP/ThinkPHP5_RCE/README.md +++ b/ThinkPHP/ThinkPHP5_RCE/README.md @@ -4,9 +4,9 @@ ThinkPHP 诞生于 2006 年,是一个国产开源的 PHP 开发框架,其借 在 ThinkPHP 5 中,由于框架对控制器名没有进行足够的检测,会导致在没有开启强制路由的情况下的远程代码执行漏洞。 -影响版本:ThinkPHP 5.x +**影响版本**:ThinkPHP 5.x -FOFA 查询规则:app="ThinkPHP" +**[FOFA](https://fofa.so/result?qbase64=YXBwPSJUaGlua1BIUCI%3D) 查询规则**:app="ThinkPHP" # Demo