未分类归档 - Shule's Blog

分类：未分类

2 篇文章

PHProxy Server-Side Request Forgery (SSRF) vulnerability

2025-6-13 13:58

2025-7-20 11:19

64 字

1 分钟内

PoC： We can see that PHProxy has filtered some intranet addresses. However, it can still be bypassed by resolving the domain name to an intranet address. A simple proof is sho…

DICOM® Connectivity Framework (DCF) Operations Window Remote Command Execute

2024-2-02 16:42

5,926

未分类

2024-2-29 20:46

92 字

1 分钟内

PoC： The default configuration after DCF installation is to access it without authorization，similar to the figure below. Allowing a user to have full control over the filename…

分类： 未分类

分类：未分类