[标题搜索]只能搜索题目标题,[综合搜索]支持多关键词多项目搜索(以空格分隔)。
| 序号 | Website | Type | Title | Value | Writeup | Competition | Id |
|---|---|---|---|---|---|---|---|
| 1 | vulfocus | WEB | nagiosxi SQL注入 (CVE-2018-10737) | NagiosXI <= 5.4.12 存在 SQL 注入漏洞(CVE-2018-10737),攻击者可通过 admin/logbook.php 的 txtSearch 参数执行任意 SQL 命令。受影响版本为 5.2.x 和 5.4.x(<5.4.13),修复方法为升级至 5.4.13 或以上版本。漏洞 PoC 示例为: POST /nagiosql/admin/logbook.php txtSearch=-1%' and (select 1 from(select count(*),concat((select (select (select concat(0x7e,version(),0x7e))) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)# 验证后的网址为:https://www.seebug.org/vuldb/ssvid-97267 | https://www.seebug.org/vuldb/ssvid-97267 | - | 16622 |
| 2 | BUUCTF | Pwn | hxb_pwn100 | 无 | https://www.cnblogs.com/yuren123/p/12... | - | 8347 |
| 3 | 封神台 | MISC | 杂项7:社会主义核心价值观 | - | https://bbs.zkaq.cn/t/5477.html#%E6%9... | - | 14806 |
| 4 | ctfshow | WEB入门.框架复现 | web475 | 无 | 验证后的网址 _method=__construct&method=GET... | 框架复现 | 3828 |
| 5 | NSSCTF | MISC | [GoogleCTF 2017 quals]Anonymous exchange | CTF{7h3_b4nk_w4s_pr0ud_0f_1ts_f3d3r4lly_1nsur3d_d3p0s1ts} | https://ctftime.org/writeup/6875 | GoogleCTF | 13930 |
| 6 | NSSCTF | 图片隐写 | [BJDCTF 2020]藏藏藏 | flag{M9eVfi2Pcs#} | https://blog.csdn.net/qq_45163122/art... | BJDCTF | 10614 |
| 7 | xuenixiang.com | Reverse | Chellys identity | - | https://www.xuenixiang.com/forum.php?... | GKCTF_2020 | 15416 |
| 8 | bugku | Crypto | 大帝的征程#3 | rot47解码 | https://ctf.bugku.com/writeup/detail/... | moeCTF2020 | 1128 |
| 9 | ctfshow | _萌新 | web16 | flag{...} | https://www.wlhhlc.top/posts/14827/# ¶web16 | - | 3081 |
| 10 | NSSCTF | RSA | [0x41414141 2021]Hash | flag{I_7h0ught_7h1s_wa5_@_s3cr3t} | https://zhuanlan.zhihu.com/p/353678943 | 0x41414141 | 14186 |