admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-06-20 18:00:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

add HD_Network_Local_File_Inclusion_CVE_2021_45043

Browse Source 
add PPGo_Job_Auth_Login_Bypass
This commit is contained in:
gaopeng2 2021-12-16 16:44:40 +08:00
parent fb03765683
commit 735e7a41b6
4 changed files with 18 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
HD-Network/CVE-2021-45043/HD_Network_Local_File_Inclusion_CVE_2021_45043.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.1 MiB

9
HD-Network/CVE-2021-45043/README.md Normal file
View File

@ -0,0 +1,9 @@
# HD-Network Real-time Monitoring System 2.0 Local File Inclusion (CVE-2021-45043)
HD-Network Real-time Monitoring System 2.0 is a real-time network monitoring product.</p><p>HD-Network Real-time Monitoring System 2.0 has a local file inclusion (LFI) vulnerability. Attackers can obtain sensitive user information such as passwords to further control the system.
FOFA **query rule**: [body="zkt_input_s"](https://fofa.so/result?qbase64=Ym9keT0iemt0X2lucHV0X3Mi)
# Demo
![HD_Network_Local_File_Inclusion_CVE_2021_45043](HD_Network_Local_File_Inclusion_CVE_2021_45043.gif)

BIN
PPGo_Job/PPGo_Job Auth Login Bypass/PPGo_Job_Auth_Login_Bypass.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.2 MiB

9
PPGo_Job/PPGo_Job Auth Login Bypass/README.md Normal file
View File

@ -0,0 +1,9 @@
# PPGo_Job Auth Login Bypass
PPGo_Job is a visual, multi-person, multi-authority, one-task, multi-machine timing task management system. It is developed by golang, is easy to install, consumes less resources, supports large concurrency, and can manage timing tasks on multiple servers at the same time.</p><p>The PPGo_Job timing task management system has an authentication bypass vulnerability. Attackers can bypass auth authentication to obtain sensitive system information and further control the system.
FOFA **query rule**: [body="/static/layui/layui.js?t=1504439386550"&& body="window.location.href"](https://fofa.so/result?qbase64=Ym9keT0iL3N0YXRpYy9sYXl1aS9sYXl1aS5qcz90PTE1MDQ0MzkzODY1NTAiJiYgYm9keT0id2luZG93LmxvY2F0aW9uLmhyZWYi)
# Demo
![PPGo_Job_Auth_Login_Bypass](PPGo_Job_Auth_Login_Bypass.gif)