J0o1ey

icon indicating a website link https://j0o1ey.github.io

icon company 要饭 icon location BeiJing icon location ## Application Safe / Red Team ## Contact me with wechat: J0o1ey997

Results 4 issues of J0o1ey

Zfaka Backend RCE(All version)

2 comment

in the background file upload, Zfaka only has one JS check in \public\res\layui\lay\modules\upload.js there is no filtering for the file extension, and there is only one front-end JS verification, So...

Zfaka Version<=1.4.3 SQL Injection

In zfaka version 1.4.3, /application./modules/product/admin/Controllers/product/imgurlajax.php involed a SQL injection Vuln Found the following paragraph ![image-20210526025356848](https://i.loli.net/2021/05/26/sgoDva5h4QYZIGw.png) PDO is the default configuration, and stack injection is immediately thought of After testing, the...

[BUG]感谢作者分享,发现脚本无法正常使用

4 comment

在TamperMonkey中加载脚本后 devtools console中提示如下信息 ![image](https://user-images.githubusercontent.com/30690034/103340430-f2362680-4a7b-11eb-8a94-4615ddd26790.png) 请问如何解决

Dockerfile install wrong

1 comment

Thereis a bug in dockerfile,Result in this error Is there any solution to solve it?