HD-Network Real-time Monitoring System 2.0 has a local file inclusion (LFI) vulnerability. Attackers can obtain sensitive user information such as passwords to further control the system. + +FOFA **query rule**: [body="zkt_input_s"](https://fofa.so/result?qbase64=Ym9keT0iemt0X2lucHV0X3Mi) + +# Demo + + diff --git a/PPGo_Job/PPGo_Job Auth Login Bypass/PPGo_Job_Auth_Login_Bypass.gif b/PPGo_Job/PPGo_Job Auth Login Bypass/PPGo_Job_Auth_Login_Bypass.gif new file mode 100644 index 0000000..05d276f Binary files /dev/null and b/PPGo_Job/PPGo_Job Auth Login Bypass/PPGo_Job_Auth_Login_Bypass.gif differ diff --git a/PPGo_Job/PPGo_Job Auth Login Bypass/README.md b/PPGo_Job/PPGo_Job Auth Login Bypass/README.md new file mode 100644 index 0000000..e234a9a --- /dev/null +++ b/PPGo_Job/PPGo_Job Auth Login Bypass/README.md @@ -0,0 +1,9 @@ +# PPGo_Job Auth Login Bypass + +PPGo_Job is a visual, multi-person, multi-authority, one-task, multi-machine timing task management system. It is developed by golang, is easy to install, consumes less resources, supports large concurrency, and can manage timing tasks on multiple servers at the same time.
The PPGo_Job timing task management system has an authentication bypass vulnerability. Attackers can bypass auth authentication to obtain sensitive system information and further control the system. + +FOFA **query rule**: [body="/static/layui/layui.js?t=1504439386550"&& body="window.location.href"](https://fofa.so/result?qbase64=Ym9keT0iL3N0YXRpYy9sYXl1aS9sYXl1aS5qcz90PTE1MDQ0MzkzODY1NTAiJiYgYm9keT0id2luZG93LmxvY2F0aW9uLmhyZWYi) + +# Demo + +