Aggregator

2025数字中国创新大赛-移动互联网（APP）安全积分争夺赛初赛 Writeup

先知社区更新日志（2025-03-29）

2025 数字中国创新大赛数字安全赛道数据安全产业积分争夺赛初赛题解

第十八届软件系统安全赛攻防赛半决赛-Razorcor Writeup

GitLab 历年来曝出过大量安全漏洞，涵盖远程代码执行（RCE）、提权、SSRF、XSS、任意文件读取、CI/CD 注入以及各种逻辑缺陷等。在红队视角下，这些漏洞尤其值得关注，因为它们往往能被利用实现对GitLab服务器或敏感数据的控制。下面按漏洞类型对关键历史 CVE 和研究案例进行分类梳理，并提供漏洞描述、影响版本、触发点、利用方式等细节。

无限接近真实系统的靶机环境

周末高强度比赛中发现一个质量较高的比赛

CicadasCMS是用springboot+mybatis+beetl开发的一款CMS，支持自定义内容模型、模板标签、全站静态化等功能。

A vulnerability classified as problematic has been found in fumiao opencms up to a0fafa5cff58719e9b27c2a2eec204cc165ce14f. Affected is an unknown function of the file opencms-dev/src/main/webapp/view/admin/document/dataPage.jsp. The manipulation of the argument path leads to path traversal. This vulnerability is traded as CVE-2025-3317. It is possible to launch the attack remotely. Furthermore, there is an exploit available. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.

A vulnerability was found in FUDforum 3.1.3. It has been declared as problematic. This vulnerability affects unknown code of the file /adm/admsql.php. The manipulation of the argument statements leads to cross site scripting. This vulnerability was named CVE-2024-30950. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as problematic was found in FUDforum 3.1.3. Affected by this vulnerability is an unknown functionality of the file /adm/admsmiley.php. The manipulation of the argument chpos leads to cross site scripting. This vulnerability is known as CVE-2024-30951. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Google Chrome. It has been classified as critical. This affects an unknown part of the component V8. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2024-3914. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Htmly 2.9.5. Affected by this issue is some unknown functionality of the component Menu Editor Module. The manipulation of the argument Link Name leads to cross site scripting. This vulnerability is handled as CVE-2024-30953. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in FFmpeg 5.1/6.1 and classified as problematic. This issue affects some unknown processing of the file libavfilter/avf_showspectrum.c. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2024-31585. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in FFmpeg 6.1. It has been classified as critical. Affected is the function draw_block_rectangle of the file libavfilter/vf_codecview.c. The manipulation leads to buffer overflow. This vulnerability is traded as CVE-2024-31582. It is possible to launch the attack remotely. There is no exploit available.

Currently trending CVE - Hype Score: 8 - There exists a vulnerability in Quick Share/Nearby, where an attacker can bypass the accept file dialog on Quick Share Windows. Normally in Quick Share Windows app we can't send a file without the user accept from the receiving device if the visibility is set to everyone mode or ...

Currently trending CVE - Hype Score: 8 - CrushFTP 10 before 10.8.4 and 11 before 11.3.1 allows authentication bypass and takeover of the crushadmin account (unless a DMZ proxy instance is used), as exploited in the wild in March and April 2025, aka "Unauthenticated HTTP(S) port access." A race condition exists in the ...

Currently trending CVE - Hype Score: 16 - YesWiki is a wiki system written in PHP. The squelette parameter is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server. This vulnerability is fixed in 4.5.2.

Currently trending CVE - Hype Score: 17 - Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code Users are recommended to upgrade to version 1.15.1, which fixes the issue.

Currently trending CVE - Hype Score: 13 - Issue that bypasses the "Mark of the Web" security warning function for files when opening a symbolic link that points to an executable file exists in WinRAR versions prior to 7.11. If a symbolic link specially crafted by an attacker is opened on the affected product, arbitrary ...