雨了个雨's blog

Web

PHPWIND 老版本GBK 任意管理API调用

致远oa 任意文件写入漏洞分析

Metinfo6 Arbitrary File Upload Via Iconv Truncate

Generate all unserialize payload via serialVersionUID

Modify ysoserial jar serialVersionUID

逸创云客服系统 鸡肋xss分析

Some vulnerabilities in JEECMSV9

ThinkCMFX arbitrarily file upload

Exploitng JNDI Injection In Java

RMI ReferenceWrapper_Stub With Hostname