├── .DS_Store
├── Apache_OFBiz_Authentication_Bypass_Rce.py
├── Array_VPN_FileRead_Poc.py
├── Atlassian_Confluence_text-inline_Rce_Poc.py
├── ChangJieTongTPlus_GetStoreWarehouseByStore_Rce_Poc.py
├── DaHua_Zhihuiyuanqu_getFaceCapture_Sql_Poc.py
├── Dahua_EIMS_captureCommand_Rce.py
├── EasyCVR_Userlist_Leak_Poc.py
├── Enterprise_VX_Infoleak_Exp.py
├── F5_BIG_IP_RCE_CVE-2023-46747.yaml
├── Feiqihulian_FE_Login_Bypass_Exp.py
├── Hikvison_IP_Duijiang_Ping_Rce.py
├── Hikvison_Showfile_Download_File_Poc.py
├── Hikvison_iSecure_Center_Report_Upload_File_Poc.py
├── Hikvison_iSecure_Center_ResourceOperations_Upload_File_Exp.py
├── Hikvison_iSecure_Center_ResourceOperations_Upload_File_Poc.py
├── Hongfan_OA_Ioffice_Udfmr_Sql_Poc.py
├── Hongjing_HCM_Codesettree_Sql_Poc.py
├── Hongjing_HCM_KhFieldtree_Sql_Poc.py
├── JeecgBoot_testConnection_Rce.py
├── JinHE_OA_SQL_Rce_Exp.py
├── Jinpan_Weixin_Getsysteminfo_Leak_Poc.py
├── Kingdee_Apusic_AppServer_Upload_File_Poc.py
├── Kingdee_Erp_Unserialize_Rce_Poc.py
├── Kingdee_ScpSupRegHandler_Upload_File_Poc.py
├── LICENSE
├── Landray_Oa_Custom_FileRead_Poc.py
├── Landray_Oa_Treexml_Rce_Poc.py
├── Likeshop_Formimage_Uploadfile_poc.py
├── Linkwalks_OA_GetIMDictionary_Sql_Poc.py
├── Linkwalks_OA_Msgbroadcastuploadfile_UploadFile_Exp.py
├── Metabase_RCE_CVE_2023_38646_poc.py
├── Nginx_WebUI_Runcmd_Rce_Exp.py
├── NsFocus_SAS_Exec_Rce_Poc.py
├── NsFocus_SAS_GetFile_FileRead_Poc.py
├── NsFocus_SAS_LocalUser_Login_Poc.py
├── Openfire_Bypass_CVE_2023_32315_poc.py
├── PigCMS_Action_FlashUpload_UploadFile_Poc.py
├── QAX_Sec3600_Firewall_UploadFile_Poc.py
├── Qiwangzhizao_ERP_Comboxstore_Rce_Poc.py
├── README.md
├── Renwoxing_CRM_Typeid_sql_Poc.py
├── RichMail_noCookiesMail_info_Leak_Poc.py
├── Ruijie_NBR_FileUpload_Poc.py
├── Ruijie_SmartWeb_Execshell_Leak_Poc.py
├── Sifudi_test_qrcode_b_Rce_Poc.py
├── Suda_Report_FileUpload_Poc.py
├── Video_cloud_pla_download.aspx-anyfile-CNVD-2022-91381.yaml
├── Weaver_E_Mobile_6_RCE_Exp.py
├── Weaver_Oa_Eoffice_Officeserver_Upload_File_Poc.py
├── Weaver_Oa_Eoffice_Uploadify_Upload_File_Poc.py
├── XXL_Job_Default_Token_Rce.py
├── Yongyou_Grp_U8_bx_historyDataCheck_Sql_Poc.py
├── Yongyou_KSOA_QueryService_Sql_Poc.py
├── Yongyou_NC_Cloud_Uploadchunk_Uploadfile_Poc.py
├── Yongyou_NC_Cloud_importhttpscer_FileUpload_Poc.py
├── Yongyou_U8_OA_doUpload_Upload_File_Poc.py
├── YouDianCMS__Upload_File_Poc.py
└── image
    ├── .DS_Store
    └── README
        ├── 1691885589911.png
        ├── 公众号.png
        └── 猫蛋儿微信.jpeg

/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/.DS_Store
--------------------------------------------------------------------------------
/Apache_OFBiz_Authentication_Bypass_Rce.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Apache_OFBiz_Authentication_Bypass_Rce.py
--------------------------------------------------------------------------------
/Array_VPN_FileRead_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Array_VPN_FileRead_Poc.py
--------------------------------------------------------------------------------
/Atlassian_Confluence_text-inline_Rce_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Atlassian_Confluence_text-inline_Rce_Poc.py
--------------------------------------------------------------------------------
/ChangJieTongTPlus_GetStoreWarehouseByStore_Rce_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/ChangJieTongTPlus_GetStoreWarehouseByStore_Rce_Poc.py
--------------------------------------------------------------------------------
/DaHua_Zhihuiyuanqu_getFaceCapture_Sql_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/DaHua_Zhihuiyuanqu_getFaceCapture_Sql_Poc.py
--------------------------------------------------------------------------------
/Dahua_EIMS_captureCommand_Rce.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Dahua_EIMS_captureCommand_Rce.py
--------------------------------------------------------------------------------
/EasyCVR_Userlist_Leak_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/EasyCVR_Userlist_Leak_Poc.py
--------------------------------------------------------------------------------
/Enterprise_VX_Infoleak_Exp.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Enterprise_VX_Infoleak_Exp.py
--------------------------------------------------------------------------------
/F5_BIG_IP_RCE_CVE-2023-46747.yaml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/F5_BIG_IP_RCE_CVE-2023-46747.yaml
--------------------------------------------------------------------------------
/Feiqihulian_FE_Login_Bypass_Exp.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Feiqihulian_FE_Login_Bypass_Exp.py
--------------------------------------------------------------------------------
/Hikvison_IP_Duijiang_Ping_Rce.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Hikvison_IP_Duijiang_Ping_Rce.py
--------------------------------------------------------------------------------
/Hikvison_Showfile_Download_File_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Hikvison_Showfile_Download_File_Poc.py
--------------------------------------------------------------------------------
/Hikvison_iSecure_Center_Report_Upload_File_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Hikvison_iSecure_Center_Report_Upload_File_Poc.py
--------------------------------------------------------------------------------
/Hikvison_iSecure_Center_ResourceOperations_Upload_File_Exp.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Hikvison_iSecure_Center_ResourceOperations_Upload_File_Exp.py
--------------------------------------------------------------------------------
/Hikvison_iSecure_Center_ResourceOperations_Upload_File_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Hikvison_iSecure_Center_ResourceOperations_Upload_File_Poc.py
--------------------------------------------------------------------------------
/Hongfan_OA_Ioffice_Udfmr_Sql_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Hongfan_OA_Ioffice_Udfmr_Sql_Poc.py
--------------------------------------------------------------------------------
/Hongjing_HCM_Codesettree_Sql_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Hongjing_HCM_Codesettree_Sql_Poc.py
--------------------------------------------------------------------------------
/Hongjing_HCM_KhFieldtree_Sql_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Hongjing_HCM_KhFieldtree_Sql_Poc.py
--------------------------------------------------------------------------------
/JeecgBoot_testConnection_Rce.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/JeecgBoot_testConnection_Rce.py
--------------------------------------------------------------------------------
/JinHE_OA_SQL_Rce_Exp.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/JinHE_OA_SQL_Rce_Exp.py
--------------------------------------------------------------------------------
/Jinpan_Weixin_Getsysteminfo_Leak_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Jinpan_Weixin_Getsysteminfo_Leak_Poc.py
--------------------------------------------------------------------------------
/Kingdee_Apusic_AppServer_Upload_File_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Kingdee_Apusic_AppServer_Upload_File_Poc.py
--------------------------------------------------------------------------------
/Kingdee_Erp_Unserialize_Rce_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Kingdee_Erp_Unserialize_Rce_Poc.py
--------------------------------------------------------------------------------
/Kingdee_ScpSupRegHandler_Upload_File_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Kingdee_ScpSupRegHandler_Upload_File_Poc.py
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/LICENSE
--------------------------------------------------------------------------------
/Landray_Oa_Custom_FileRead_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Landray_Oa_Custom_FileRead_Poc.py
--------------------------------------------------------------------------------
/Landray_Oa_Treexml_Rce_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Landray_Oa_Treexml_Rce_Poc.py
--------------------------------------------------------------------------------
/Likeshop_Formimage_Uploadfile_poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Likeshop_Formimage_Uploadfile_poc.py
--------------------------------------------------------------------------------
/Linkwalks_OA_GetIMDictionary_Sql_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Linkwalks_OA_GetIMDictionary_Sql_Poc.py
--------------------------------------------------------------------------------
/Linkwalks_OA_Msgbroadcastuploadfile_UploadFile_Exp.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Linkwalks_OA_Msgbroadcastuploadfile_UploadFile_Exp.py
--------------------------------------------------------------------------------
/Metabase_RCE_CVE_2023_38646_poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Metabase_RCE_CVE_2023_38646_poc.py
--------------------------------------------------------------------------------
/Nginx_WebUI_Runcmd_Rce_Exp.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Nginx_WebUI_Runcmd_Rce_Exp.py
--------------------------------------------------------------------------------
/NsFocus_SAS_Exec_Rce_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/NsFocus_SAS_Exec_Rce_Poc.py
--------------------------------------------------------------------------------
/NsFocus_SAS_GetFile_FileRead_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/NsFocus_SAS_GetFile_FileRead_Poc.py
--------------------------------------------------------------------------------
/NsFocus_SAS_LocalUser_Login_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/NsFocus_SAS_LocalUser_Login_Poc.py
--------------------------------------------------------------------------------
/Openfire_Bypass_CVE_2023_32315_poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Openfire_Bypass_CVE_2023_32315_poc.py
--------------------------------------------------------------------------------
/PigCMS_Action_FlashUpload_UploadFile_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/PigCMS_Action_FlashUpload_UploadFile_Poc.py
--------------------------------------------------------------------------------
/QAX_Sec3600_Firewall_UploadFile_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/QAX_Sec3600_Firewall_UploadFile_Poc.py
--------------------------------------------------------------------------------
/Qiwangzhizao_ERP_Comboxstore_Rce_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Qiwangzhizao_ERP_Comboxstore_Rce_Poc.py
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/README.md
--------------------------------------------------------------------------------
/Renwoxing_CRM_Typeid_sql_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Renwoxing_CRM_Typeid_sql_Poc.py
--------------------------------------------------------------------------------
/RichMail_noCookiesMail_info_Leak_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/RichMail_noCookiesMail_info_Leak_Poc.py
--------------------------------------------------------------------------------
/Ruijie_NBR_FileUpload_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Ruijie_NBR_FileUpload_Poc.py
--------------------------------------------------------------------------------
/Ruijie_SmartWeb_Execshell_Leak_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Ruijie_SmartWeb_Execshell_Leak_Poc.py
--------------------------------------------------------------------------------
/Sifudi_test_qrcode_b_Rce_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Sifudi_test_qrcode_b_Rce_Poc.py
--------------------------------------------------------------------------------
/Suda_Report_FileUpload_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Suda_Report_FileUpload_Poc.py
--------------------------------------------------------------------------------
/Video_cloud_pla_download.aspx-anyfile-CNVD-2022-91381.yaml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Video_cloud_pla_download.aspx-anyfile-CNVD-2022-91381.yaml
--------------------------------------------------------------------------------
/Weaver_E_Mobile_6_RCE_Exp.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Weaver_E_Mobile_6_RCE_Exp.py
--------------------------------------------------------------------------------
/Weaver_Oa_Eoffice_Officeserver_Upload_File_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Weaver_Oa_Eoffice_Officeserver_Upload_File_Poc.py
--------------------------------------------------------------------------------
/Weaver_Oa_Eoffice_Uploadify_Upload_File_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Weaver_Oa_Eoffice_Uploadify_Upload_File_Poc.py
--------------------------------------------------------------------------------
/XXL_Job_Default_Token_Rce.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/XXL_Job_Default_Token_Rce.py
--------------------------------------------------------------------------------
/Yongyou_Grp_U8_bx_historyDataCheck_Sql_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Yongyou_Grp_U8_bx_historyDataCheck_Sql_Poc.py
--------------------------------------------------------------------------------
/Yongyou_KSOA_QueryService_Sql_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Yongyou_KSOA_QueryService_Sql_Poc.py
--------------------------------------------------------------------------------
/Yongyou_NC_Cloud_Uploadchunk_Uploadfile_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Yongyou_NC_Cloud_Uploadchunk_Uploadfile_Poc.py
--------------------------------------------------------------------------------
/Yongyou_NC_Cloud_importhttpscer_FileUpload_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Yongyou_NC_Cloud_importhttpscer_FileUpload_Poc.py
--------------------------------------------------------------------------------
/Yongyou_U8_OA_doUpload_Upload_File_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/Yongyou_U8_OA_doUpload_Upload_File_Poc.py
--------------------------------------------------------------------------------
/YouDianCMS__Upload_File_Poc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/YouDianCMS__Upload_File_Poc.py
--------------------------------------------------------------------------------
/image/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/image/.DS_Store
--------------------------------------------------------------------------------
/image/README/1691885589911.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/image/README/1691885589911.png
--------------------------------------------------------------------------------
/image/README/公众号.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/image/README/公众号.png
--------------------------------------------------------------------------------
/image/README/猫蛋儿微信.jpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MD-SEC/MDPOCS/HEAD/image/README/猫蛋儿微信.jpeg
--------------------------------------------------------------------------------