sky
sky
hi, We found a remote code execution vulnerability in phpmoadmin that could allow an attacker to remotely execute arbitrary code to attack an attack server.  code line in 562:...
**Bug 具体描述** **复现步骤** 1. 拉取最新镜像 veinmind/veinmind-runner latest 6fc7c3f031f7 42 hours ago 1.41GB 扫描目标本地镜像 nvidia/cuda:12.1.0-runtime-ubuntu20.04 **相关截图**   做了软链接:  **环境(空项可以不填)** - Docker 版本: Client: Docker Engine - Community Version: 19.03.2...
在WeblogController里,59行: `tmpMap.put("userAgent", headerMap.get("user-agent").toString());` 遇到如下数据: `{"x-real-ip":"1.1.1.1","remote-host":"2.2.2.2","accept-language":"zh-CN,zh;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6","host":"test.1.dns.xxxx.cn:443","connection":"upgrade","x-forwarded-for":"3.3.3.3","x-scheme":"https","x-host":"test.1.dns.xxxx.cn:443"}` 会获取失败,导致500 ` java.lang.NullPointerException: null at bridge.controller.WeblogController.getWeblogList(WeblogController.java:59) ~[classes!/:1.0-SNAPSHOT] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_342] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_342] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_342] at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_342] ` 添加判断: ` if (headerMap.get("user-agent")...
再https://github.com/fnmsd/MySQL_Fake_Server是支持navicat的 关于认证:默认认证插件一般使用mysql_native_password,但是由于协议实现的问题,navicat下会连接失败,此时在使用的用户名后追加 _clear 即可切换为mysql_clear_password,navicat连接成功,读取到文件。
**Is your request based on a publicly known cryptographic schema and where can we find information about?** For instance: - Yes, this CMS is based on encryption rules that combine...
内存马注入不生效
目标:spring-boot,内置tomcat8 生产方式:jar包 测试工具:冰鞋、哥斯拉 中间件:spring MVC 、Tomcat 组件类型:Listenter 注入方式:本地jar -jar toos.jar pid ``` root@36e5248b2ca4 webapps]# java -jar demo.jar [*] Found pid 839 ——> [user--1.6.jar] [*] Found pid 889 ——> [demo.jar] [root@36e5248b2ca4...
目标环境: jdk 1.8_201 spring-boot 2.1 (内置tomcat8) 注入方式: ``` [root@36e5248b2ca4 webapps]# java -jar vagent.jar ------------------- name >>> user-xxxx-1.xxx.jar id >>> 205 success [root@36e5248b2ca4 webapps]# java -jar vagent.jar ------------------- name >>> user-xxx-1.xxx.jar...
1) 你正在使用的 V2RayU 和 Mac 版本 ? 4.1.0 Mac M1 14.5 2) 你遇到的问题是什么?(请描述具体现象,比如访问超时,TLS 证书错误等) An error occurred while extracting the archive. Please try again later. 3) 请附上你的配置(提交 Issue 前请隐藏服务器端IP地址)。 4)...
### Self Checks - [x] This is only for bug report, if you would like to ask a question, please head to [Discussions](https://github.com/langgenius/dify/discussions/categories/general). - [x] I have searched for existing...
遇到post json {"account":"18888888888","password":"123","time":1734926521,"sign":""} return [ { name: "sign", value: sign, location: ParameterType.PARAM_JSON, action: EditAction.OVERRIDE, }, { name: "time", value: timestamp, location: ParameterType.PARAM_JSON, action: EditAction.OVERRIDE, }, ] 动态修改提示:[WARN][2024-12-23T12:19:36.259950] Edit parameter on...