漏洞描述
Dubbo Admin是Apache Dubbo服务治理和管理系统的一部分,可通过exp伪造身份信息,进入后台进行恶意数据植入拿到系统权限
Dubbo-admin-存在认证绕过
PoC代码
暂无相关漏洞推荐
- POC CVE-2017-11107: phpLDAPadmin <= 1.2.3 - Reflected XSS
- POC keycloak-admin-console-config: Keycloak Admin Console Configuration Disclosure
- POC phpmyadmin-fpd: phpMyAdmin Full Path Disclosure
- POC wp-admin-menu-editor-fpd: Admin Menu Editor - Full Path Disclosure
- Smartadmin 简致微信管理系统默认口令漏洞
- WordPress Plugin Alone Theme /wp-admin/admin-ajax.php beplus_import_pack_install_plugin 文件上传漏洞(CVE-2025-5394)
- WordPress Time Clock 插件 /wp-admin/admin-ajax.php 代码执行漏洞 (CVE-2024-9593)
- (CVE-2025-15003)SeaCMS至13.3版本admin_video.php文件SQL注入漏洞
- WordPress wp-event-solution 插件 /wp-admin/admin-ajax.php 文件读取漏洞(CVE-2025-47445)
- POC wp-woocommerce-admin-fpd: WordPress Plugin WooCommerce Admin (woocommerce-admin) Full Path Disclosure
- go-ldap-admin /api/log/operation/list 权限绕过漏洞(CVE-2025-13948)
- POC cluster-trino-admin-login: Cluster Overview Trino - Admin Login
- 天锐绿盘云文档安全管理平台 /lddsm/service/../admin/config/findConfigForPage.do SQL 注入漏洞