Merge origin/master, rename to Java Ghost Bits, consolidate links

Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com>
2026-05-10 07:00:52 +08:00 · 2026-04-30 12:17:18 +00:00
parent e06206b266 eb74e0c978
commit 753aaed89e
1 changed files with 3 additions and 2 deletions
@@ -85,8 +85,7 @@
 - [vphone-aio：一键运行已越狱并安装完整bootstrap的iOS虚拟手机(vphone)脚本](https://github.com/34306/vphone-aio)
 - [FirmWire：支持三星 Shannon 和 MediaTek 基带固件的全系统动态分析平台，可用于模糊测试、漏洞根因分析与调试](https://github.com/FirmWire/FirmWire)
 - [Podroid：无需 root 即可在 Android 手机上运行 Linux 容器，基于 QEMU 启动 Alpine Linux 虚拟机并提供完整的 Podman 容器运行时](https://github.com/ExTV/Podroid)
- [Tsec-Salon：腾讯安全沙龙历届活动材料](https://github.com/Yeti-791/Tsec-Salon)
- [Cast Attack: Ghost Bits - Black Hat Asia 2026 演讲PDF(幽灵比特位:高位截断)](https://i.blackhat.com/Asia-26/Presentations/Asia-26-Bai-Cast-Attack-Ghost-Bits-4.23.pdf)
+- [Tsec-Salon：腾讯安全沙龙历届活动材料](https://github.com/Yeti-791/Tsec-Salon)|[Java Ghost Bits - Black Hat Asia 2026 演讲PDF(幽灵比特位:高位截断)](https://i.blackhat.com/Asia-26/Presentations/Asia-26-Bai-Cast-Attack-Ghost-Bits-4.23.pdf)

 ## <span id="head4">Web APP</span>

@@ -834,6 +833,8 @@
 - [天地伟业Easy7 /Easy7/rest/file/downloadFile 文件读取漏洞](https://mrxn.net/jswz/easy7-rest-file-downloadFile.html)
 - [天地伟业Easy7 /Easy7/rest/file/uploadIdsHttpFile SSRF+文件写入漏洞](https://mrxn.net/jswz/easy7-rest-file-uploadIdsHttpFile-rce.html)
 - [孚盟云CRM CustomizeReportSelectMould.aspx SQL注入漏洞](https://mrxn.net/jswz/fumacrm-Dingding-CustomizeReport-CustomizeReportSelectMould-sqli.html)
+- [孚盟云CRM ClientNameCard.aspx SQL注入漏洞](https://mrxn.net/jswz/fumacrm-Dingding-Card-ClientNameCard-sqli.html)
+- [孚盟云CRM BusinessPrice.aspx SQL注入漏洞](https://mrxn.net/jswz/fumacrm-Dingding-Product-BusinessPrice-sqli.html)
 - [cPanel WHM 权限绕过致RCE【cve-2026-41940】](https://github.com/watchtowrlabs/watchTowr-vs-cPanel-WHM-AuthBypass-to-RCE.py) | [cve-2026-41940 漏洞分析](https://labs.watchtowr.com/the-internet-is-falling-down-falling-down-falling-down-cpanel-whm-authentication-bypass-cve-2026-41940/)