Skip to content

[pull] master from Mr-xn:master #513

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
pull wants to merge 56 commits into
base: master
Choose a base branch
from
Open

[pull] master from Mr-xn:master #513

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
56 commits
Select commit Hold shift + click to select a range
2415054
Update update_readme.py
Mr-xn Feb 27, 2026
9238172
docs: 更新 2 篇文章 - 九佳易管理系统 picHY.ashx SQL 注入漏洞 | 大蚂蚁 (BigAnt) 即时通讯系统 安装…
github-actions[bot] Feb 27, 2026
9f715b5
docs: 更新 1 篇文章 - 青龙面板最新版v2.20.1 鉴权绕过致RCE [skip ci]
github-actions[bot] Feb 27, 2026
bde24c2
docs: 更新 1 篇文章 - 大蚂蚁 (BigAnt) 即时通讯系统 moveDept SQL注入漏洞 [skip ci]
github-actions[bot] Feb 27, 2026
4011e68
Create security audit report for Qinglong v2.20.1
Mr-xn Feb 27, 2026
fc5cc5c
Add files via upload
Mr-xn Feb 27, 2026
194bc49
add qinglong-auth-bypass2rce/青龙(qinglong)面板权限绕过致未授权远程代码执行(RCE)漏洞分析复现
Mr-xn Feb 27, 2026
d484232
add 青龙(qinglong)面板权限绕过致未授权远程代码执行(RCE)漏洞分析复现
Mr-xn Feb 27, 2026
cdafdd0
docs: 更新 1 篇文章 - 九佳易管理系统 Ajax_XT.ashx SQL 注入漏洞 [skip ci]
github-actions[bot] Feb 28, 2026
3393578
docs: 更新 1 篇文章 - 九佳易管理系统 PrivilegedCodeDestroy.asmx SQL注入漏洞 [skip ci]
github-actions[bot] Mar 1, 2026
ae435b9
docs: 更新 1 篇文章 - 大蚂蚁 (BigAnt) 即时通讯系统 updateLoginName SQL注入漏洞 [skip ci]
github-actions[bot] Mar 1, 2026
54556b7
docs: 更新 1 篇文章 - 深信服运维安全管理系统 change_net 远程命令执行漏洞 [skip ci]
github-actions[bot] Mar 2, 2026
1094eb2
docs: 更新 1 篇文章 - 深信服运维安全管理系统 del_net 远程命令执行漏洞 [skip ci]
github-actions[bot] Mar 3, 2026
7b230d0
docs: 更新 1 篇文章 - 深信服运维安全管理系统 del_route 远程命令执行漏洞 [skip ci]
github-actions[bot] Mar 4, 2026
2e4df8c
docs: 更新 1 篇文章 - 深信服运维安全管理系统 getLdap 远程命令执行漏洞 [skip ci]
github-actions[bot] Mar 6, 2026
4c23abe
Initial plan
Copilot Mar 6, 2026
7f075b9
reorganize: create iot/, web/, privesc/, pc/ dirs and move loose md f…
Copilot Mar 6, 2026
934a4a3
Merge pull request #31 from Mr-xn/copilot/organize-project-structure
Mr-xn Mar 6, 2026
755cfa8
docs: 更新 1 篇文章 - 深信服运维安全管理系统 save_SNMP 远程命令执行漏洞 [skip ci]
github-actions[bot] Mar 7, 2026
e2dbf8f
docs: 更新 1 篇文章 - 深信服运维安全管理系统 csspost/update 远程命令执行漏洞 [skip ci]
github-actions[bot] Mar 8, 2026
cef004a
docs: 更新 1 篇文章 - 深信服运维安全管理系统 upload_file 远程命令执行漏洞 [skip ci]
github-actions[bot] Mar 9, 2026
57e4046
docs: 更新 1 篇文章 - 深信服运维安全管理系统 del_patch 远程命令执行漏洞 [skip ci]
github-actions[bot] Mar 10, 2026
2f63804
docs: 更新 1 篇文章 - 深信服运维安全管理系统 install_patch 远程命令执行漏洞 [skip ci]
github-actions[bot] Mar 11, 2026
3d1fe2e
docs: 更新 1 篇文章 - 深信服运维安全管理系统 remote_get_clip_img 远程命令执行漏洞 [skip ci]
github-actions[bot] Mar 12, 2026
7fb1684
docs: 更新 1 篇文章 - 深信服运维安全管理系统 uninstall_patch 远程命令执行漏洞 [skip ci]
github-actions[bot] Mar 13, 2026
1ba9995
docs: 更新 1 篇文章 - 深信服运维安全管理系统 get_clip_img 远程命令执行漏洞 [skip ci]
github-actions[bot] Mar 14, 2026
31ac4c3
docs: 更新 1 篇文章 - 深信服运维安全管理系统 down_load 远程命令执行漏洞 [skip ci]
github-actions[bot] Mar 15, 2026
bbaaa4c
docs: 更新 1 篇文章 - 深信服运维安全管理系统 port_validate 远程命令执行漏洞 [skip ci]
github-actions[bot] Mar 16, 2026
f71acca
Initial plan
Copilot Mar 16, 2026
94aa543
Add Webpack_extract to README tools section near Webpackfind
Copilot Mar 16, 2026
2805981
Merge pull request #32 from Mr-xn/copilot/update-readme-for-webpack-e…
Mr-xn Mar 16, 2026
4ad78ef
Bump pyopenssl from 19.0 to 26.0.0 in /BlueKeep
dependabot[bot] Mar 16, 2026
b506108
docs: 更新 1 篇文章 - 深信服运维安全管理系统 save_strategy 远程命令执行漏洞 [skip ci]
github-actions[bot] Mar 17, 2026
a56eee7
Initial plan
Copilot Mar 17, 2026
2829884
docs: add NX_Firmware to README IOT section
Copilot Mar 17, 2026
b8c255b
Merge pull request #34 from Mr-xn/copilot/add-description-to-readme
Mr-xn Mar 17, 2026
8ae14d6
Merge pull request #33 from Mr-xn/dependabot/pip/BlueKeep/pyopenssl-2…
Mr-xn Mar 17, 2026
3d96ed1
docs: 更新 1 篇文章 - 深信服运维安全管理系统 generate_certificate 远程命令执行漏洞 [skip ci]
github-actions[bot] Mar 18, 2026
477925e
docs: 更新 1 篇文章 - 深信服运维安全管理系统 update_date 远程命令执行漏洞 [skip ci]
github-actions[bot] Mar 19, 2026
c7ed81b
Add Wireshark-MCP to tools section (#35)
Copilot Mar 19, 2026
99e3141
docs: 更新 1 篇文章 - 深信服运维安全管理系统 upload_CN 远程命令执行漏洞 [skip ci]
github-actions[bot] Mar 20, 2026
8609539
Add ByPassTamperPlus to README.md (#36)
Copilot Mar 20, 2026
a03ac05
docs: 更新 1 篇文章 - 深科特 LEAN MES系统 ChooseLineAndRes.ashx SQL 注入漏洞 [skip ci]
github-actions[bot] Mar 22, 2026
eca771d
docs: 更新 1 篇文章 - 深科特 LEAN MES系统 /Handler/SMTLoadingMaterial.ashx SQL注…
github-actions[bot] Mar 23, 2026
13723b6
docs: 更新 1 篇文章 - 深科特 LEAN MES系统 EquipmentTree.ashx SQL注入漏洞 [skip ci]
github-actions[bot] Mar 24, 2026
91b5bf6
docs: 更新 1 篇文章 - 深科特 LEAN MES系统 UploadPortraits.ashx 文件上传漏洞 [skip ci]
github-actions[bot] Mar 24, 2026
45eb8b1
Add DarkSword iOS exploit repositories to README (#37)
Copilot Mar 24, 2026
80c4af8
docs: 更新 1 篇文章 - 深科特 LEAN MES系统 /Handler/FileSync.ashx 任意文件读取/上传/删除/S…
github-actions[bot] Mar 25, 2026
0b33df2
docs: 更新 1 篇文章 - 深科特 LEAN MES系统 DownLoad.aspx 任意文件读取漏洞 [skip ci]
github-actions[bot] Mar 26, 2026
d7688b3
docs: 更新 1 篇文章 - 深科特 LEAN MES系统 /Handler/MobileAppLogin.ashx SQL注入漏洞 …
github-actions[bot] Mar 26, 2026
575f274
docs: 更新 1 篇文章 - 深科特 LEAN MES系统 PrintUpdate.ashx 任意文件读取/上传/删除漏洞 [skip…
github-actions[bot] Mar 27, 2026
797e3b6
docs: 更新 1 篇文章 - 深科特 LEAN MES系统 TestManagePlatform.ashx SQL注入漏洞 [skip…
github-actions[bot] Mar 28, 2026
8e29dd9
Add ProcIR Windows incident response tool to README (#40)
Copilot Mar 28, 2026
f05665b
docs: 更新 1 篇文章 - 深科特 LEAN MES系统 UploadHander.ashx 文件上传漏洞 [skip ci]
github-actions[bot] Mar 29, 2026
b712c5a
docs: 更新 1 篇文章 - 深科特 LEAN MES系统 CreateMenus.aspx 任意文件上传漏洞 [skip ci]
github-actions[bot] Mar 31, 2026
21e4ead
docs: 更新 1 篇文章 - 深科特 LEAN MES系统 AutoComplete.ashx SQL注入漏洞 [skip ci]
github-actions[bot] Apr 1, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion BlueKeep/requirements.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1 +1 @@
pyopenssl==19.0
pyopenssl==26.0.0
191 changes: 117 additions & 74 deletions README.md
View file
Open in desktop

Large diffs are not rendered by default.

0 ...dle Fire HD (3rd Generation)内核驱动拒绝服务漏洞.md → ...dle Fire HD (3rd Generation)内核驱动拒绝服务漏洞.md
View file
Open in desktop
File renamed without changes.
0 ...1-14536_锐捷RG-UAC统一上网行为管理审计系统账号密码信息泄露漏洞.md → ...1-14536_锐捷RG-UAC统一上网行为管理审计系统账号密码信息泄露漏洞.md
View file
Open in desktop
File renamed without changes.
0 CVE-2019-16313 蜂网互联企业级路由器v4.31密码泄露漏洞.md → iot/CVE-2019-16313 蜂网互联企业级路由器v4.31密码泄露漏洞.md
View file
Open in desktop
File renamed without changes.
0 CVE-2019-16920-D-Link-rce.md → iot/CVE-2019-16920-D-Link-rce.md
View file
Open in desktop
File renamed without changes.
0 CVE-2020-9374.md → iot/CVE-2020-9374.md
View file
Open in desktop
File renamed without changes.
0 WLAN-AP-WEA453e RCE三星路由器远程命令执行漏洞.md → iot/WLAN-AP-WEA453e RCE三星路由器远程命令执行漏洞.md
View file
Open in desktop
File renamed without changes.
0 华为WS331a产品管理页面存在CSRF漏洞.md → iot/华为WS331a产品管理页面存在CSRF漏洞.md
View file
Open in desktop
File renamed without changes.
0 天翼创维awifi路由器存在多处未授权访问漏洞.md → iot/天翼创维awifi路由器存在多处未授权访问漏洞.md
View file
Open in desktop
File renamed without changes.
0 CVE-2019-0708-msf快速搭建.md → pc/CVE-2019-0708-msf快速搭建.md
View file
Open in desktop
File renamed without changes.
0 ...ack Overflow-Linux图形界面X Server本地栈溢出POC.md → ...ack Overflow-Linux图形界面X Server本地栈溢出POC.md
View file
Open in desktop
File renamed without changes.
0 CVE-2020-0796检测与修复.md → pc/CVE-2020-0796检测与修复.md
View file
Open in desktop
File renamed without changes.
0 CVE-2021-1675.md → privesc/CVE-2021-1675.md
View file
Open in desktop
File renamed without changes.
0 CVE-2021-22555.md → privesc/CVE-2021-22555.md
View file
Open in desktop
File renamed without changes.
0 PAM劫持SSH密码.md → privesc/PAM劫持SSH密码.md
View file
Open in desktop
File renamed without changes.
0 adduser添加用户.md → privesc/adduser添加用户.md
View file
Open in desktop
File renamed without changes.
0 使用vbs脚本添加管理员用户.md → privesc/使用vbs脚本添加管理员用户.md
View file
Open in desktop
File renamed without changes.
13 changes: 13 additions & 0 deletions qinglong-auth-bypass2rce/docker-compose.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
version: '3'
services:
qinglong:
image: whyour/qinglong:2.20.1
container_name: ql-vuln-test
ports:
- '5710:5700'
volumes:
- ql_data:/ql/data
restart: unless-stopped

volumes:
ql_data:
Loading