From 582a9726a74d6aa10d5742ec551eaaeb3f1dac1d Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <github-actions[bot]@users.noreply.github.com>
Date: Thu, 16 Apr 2026 14:01:47 +0000
Subject: [PATCH] =?UTF-8?q?docs:=20=E6=9B=B4=E6=96=B0=201=20=E7=AF=87?=
 =?UTF-8?q?=E6=96=87=E7=AB=A0=20-=20mdserver-web(=E5=A4=B8=E7=88=B6?=
 =?UTF-8?q?=E9=9D=A2=E6=9D=BF)=E2=89=A40.18.4=20=E5=A4=9A=E5=A4=84?=
 =?UTF-8?q?=E6=9C=AA=E6=8E=88=E6=9D=83=E8=AE=BF=E9=97=AE=20+=20=E4=BF=A1?=
 =?UTF-8?q?=E6=81=AF=E6=B3=84=E9=9C=B2=20+=20RCE=20=E6=BC=8F=E6=B4=9E?=
 =?UTF-8?q?=E5=88=86=E6=9E=90=20[skip=20ci]?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index 1fc4b97..96829e2 100644
--- a/README.md
+++ b/README.md
@@ -819,6 +819,7 @@
 - [天地伟业Easy7 queryRoomName SQL注入漏洞](https://mrxn.net/jswz/easy7-rest-inquestRoom-queryRoomName-sqli.html)
 - [天地伟业Easy7 queryRoomConfigs SQL注入漏洞](https://mrxn.net/jswz/easy7-rest-inquestRoom-queryRoomConfigs-sqli.html)
 - [天地伟业Easy7 UploadOwnerImage.jsp 文件上传漏洞](https://mrxn.net/jswz/easy7-apps-WebService-UploadOwnerImage-rce.html)
+- [mdserver-web(夸父面板)≤0.18.4 多处未授权访问 + 信息泄露 + RCE 漏洞分析](https://mrxn.net/jswz/mdserver-web-unauthentication-bypass-rce.html)
 
 
 ## <span id="head5"> 提权辅助相关</span>