ambulong/aboutme

About Me

About Me

# Posts

• 2015-08-25 fd上公布的vBulletin rce 0day分析

• 2015-11-09 vBulletin vB_Api_Hook->decodeArguments RCE 分析

• 2015-11-09 vBulletin PHP对象注入漏洞利用之 __toString

• 2016-07-25 Drupal Coder 模块远程命令执行分析(SA-CONTRIB-2016-039)

• 2017-09-02 Wordpress SQL注入分析（一）

• 2017-09-03 Wordpress SQL注入分析（二）

• 2017-09-05 Wordpress POST META_NAME校验绕过

• 2017-11-09 Wordpress <= 4.8.2 SQL Injection POC

• 2018-06-10 phpMyAdmin 4.7.x CSRF 漏洞利用

• 2018-06-12 phpMyAdmin 4.7.x XSRF/CSRF Vulnerability (PMASA-2017-9) Exploit

• 2018-06-21 phpMyAdmin 4.8.x LFI to RCE (Authorization Required)

# Vulnerabilities

• CVE-2017-1000170: jqueryFileTree 2.1.5 and older Directory Traversal

• CVE-2016-7903: Dotclear <= 2.10.2 Password Reset Address Spoof

• CVE-2016-7902: Dotclear <= 2.10.2 (Media Manager) Unrestricted File Upload

• CVE-2016-7904: CMS Made Simple <= 2.1.5 CSRF

• CVE-2016-7964: Dokuwiki <= 2016-06-26a SSRF

• CVE-2016-7965: Dokuwiki <= 2016-06-26a Password Reset Address Spoof

• Subrion CMS <= 4.0.5 arbitrary files delete

• Impress CMS <= 1.3.9 SSRF