Aggregator

机缘巧合下从好兄弟那拿套源码，好久没审计有点生疏了，搭个环境挖一下漏洞

Roothub项目的一次初审计——任意文件上传，多出sql注入

A vulnerability was found in Arcserve Unified Data Protection up to 8.1/9.2. It has been rated as critical. This affects the function doLogin of the component wizardLogin. The manipulation leads to improper authentication. This vulnerability is documented as CVE-2024-0799. The attack can be initiated remotely. There is not any exploit available.

A vulnerability labeled as very critical has been found in Arcserve Unified Data Protection up to 8.1/9.2. Affected by this vulnerability is the function ImportNodeServlet. Such manipulation leads to unrestricted upload. This vulnerability is traded as CVE-2024-0800. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Progress Telerik Reporting 10.2.24.924 and classified as critical. Affected by this issue is some unknown functionality. The manipulation results in deserialization. This vulnerability was named CVE-2024-1856. The attack may be performed from remote. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability was found in Progress Telerik Reporting 10.2.24.924. It has been classified as critical. This affects an unknown part. This manipulation causes deserialization. The identification of this vulnerability is CVE-2024-1801. The attack can only be executed locally. There is no exploit available. Upgrading the affected component is recommended.

A vulnerability was found in error311 FileRise up to 2.7.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Sharing Endpoint. Executing manipulation can lead to cross site scripting. This vulnerability is handled as CVE-2025-68116. The attack can be executed remotely. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability categorized as problematic has been discovered in x-crypto up to 0.42.x on Go. Affected is an unknown function. Executing manipulation can lead to improper check or handling of exceptional conditions. This vulnerability is tracked as CVE-2025-47913. The attack can be launched remotely. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability classified as problematic was found in SAP BusinessObjects Business Intelligence Platform 430/440. Affected by this vulnerability is an unknown functionality of the component Opendocument URL Handler. Such manipulation leads to cross site scripting. This vulnerability is referenced as CVE-2024-28165. It is possible to launch the attack remotely. No exploit is available. It is best practice to apply a patch to resolve this issue.

引言在 Android 应用安全领域，“加固”是保护应用代码免遭逆向分析和篡改的重要手段。而想要真正理解加固技术，需必须深入 Android 系统的底层运行机制——尤其是应用从点击图标到 Application 初始化的完整启动流程。本文将从 Android 应用的启动过程入手，逐步剖析 Zygote、ActivityManagerService、ActivityThread 以及 LoadedA

Попытка сохранить партнёрство лишь вызвала гнев профильного комитета.

AHA-Fuzz 是首个针对 Android 加固应用的 Intent 感知灰盒模糊测试框架，基于 eBPF 技术开发。它通过有效 Intent 生成器、选择性覆盖反馈机制和增强检测能力三大创新，解决了加固应用难以分析的问题。实验表明，AHA-Fuzz 比现有方法多触发 92.3% 的 Intent、速度快 3.45 倍、执行方法数多 23.9%，并发现了 47 个新漏洞（其中 6 个已被 Goo

A vulnerability classified as problematic has been found in WP Recipe Maker Plugin up to 10.2.3 on WordPress. This impacts an unknown function of the component Shortcode Handler. This manipulation of the argument Name causes cross site scripting. This vulnerability is registered as CVE-2025-14385. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability described as problematic has been identified in HTML Forms Plugin up to 1.6.0 on WordPress. This affects an unknown function of the component File Upload. The manipulation results in cross site scripting. This vulnerability is cataloged as CVE-2025-13861. The attack may be launched remotely. There is no exploit available.

A vulnerability marked as problematic has been reported in Essential Addons for Elementor Plugin up to 6.5.3 on WordPress. The impacted element is an unknown function. The manipulation leads to cross site scripting. This vulnerability is listed as CVE-2025-13977. The attack may be initiated remotely. There is no available exploit.

A vulnerability labeled as critical has been found in Mercury D196G d196gv1-cn-up_2020-01-09_11.21.44. The affected element is the function sub_404CAEDC. Executing manipulation of the argument Password can lead to buffer overflow. This vulnerability is tracked as CVE-2025-50401. The attack can be launched remotely. No exploit exists.

A vulnerability identified as critical has been detected in Mercury D196G d196gv1-cn-up_2020-01-09_11.21.44. Impacted is the function sub_404CAEDC. Performing manipulation of the argument fac_password results in buffer overflow. This vulnerability is identified as CVE-2025-50398. The attack can be initiated remotely. There is not any exploit available.

A vulnerability categorized as problematic has been discovered in Linksys E5600 1.1.0.26. This issue affects the function page_save. Such manipulation of the argument hostname/domainName leads to cross site scripting. This vulnerability is referenced as CVE-2025-29231. It is possible to launch the attack remotely. No exploit is available.

Dream Chapter系列4道题，从简单到疯狂，只做了前3道，都很有收获，最后这道也补上吧。难度 INSANE 的堆题，这里提出一个比网上WP更好用的TSU+打法，以及独一份的详解scanf内部机制利用分析。

A vulnerability was found in trpc up to 10.45.2/11.7.x. It has been rated as critical. This vulnerability affects the function FormDataToObject. This manipulation causes improperly controlled modification of object prototype attributes ('prototype pollution'). The identification of this vulnerability is CVE-2025-68130. It is possible to initiate the attack remotely. There is no exploit available. Upgrading the affected component is advised.