阿信
阿信
From the spring-mvc.xml, we can figure out that we are able to access chat/imController/showOrDownByurl.do  and then we go to the source code:  as you can see, the variable...
### Preflight Checklist - [X] I agree to follow the [Code of Conduct](https://github.com/HXSecurity/DongTai/blob/main/.github/CODE_OF_CONDUCT.md) that this project adheres to. - [X] I have searched the [issue tracker](https://www.github.com/HXSecurity/DongTai/issues) for an issue that...
听了前辈的扫描器开发经验课程,里面提到了这个工具,结果过来发现没开源,期待开源,学习
wtcms is based on thinkcmf,but there is a RCE vulnerability has been exposed about thinkcmf in October(detail:https://www.freebuf.com/vuls/218105.html)。An attacker can execute any command by requesting `?a=fetch&content=` To demonstrate this vulnerability, we...
### Preflight Checklist - [X] I agree to follow the [Code of Conduct](https://github.com/HXSecurity/DongTai/blob/main/.github/CODE_OF_CONDUCT.md) that this project adheres to. - [X] I have searched the [issue tracker](https://www.github.com/HXSecurity/DongTai/issues) for an issue that...