myhack58 | Anonymous | MYHACK58:62201129665
History: Mar 09, 2011 - 12:00 a.m.

DirCMS wide-byte injection vulnerability - vulnerability warning - the black bar safety net

www.myhack58.com

Description: During incidental black-box testing, DirCMS was found to have a wide-byte injection problem. This class of bug was popular for a while, but people no longer seem to pay much attention to it. Testing found two places with the problem:

  1. http://demo.dircms.net/lifecms/search/index.php?type=content&catid=127&xs=&wylx=%BF'%20order%20by%20100%23
    This one needs no further comment.
  2. http://demo.dircms.net/lifecms/guestbook/index.php?action=post
    This is similar to the wide-byte injection in the Empire guestbook: the title and content fields can use a wide byte to get input into the executed SQL statement.

Author: tojen
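
Why the `%BF'` value in item 1 gets past quote escaping, as an added example that is not part of the original advisory and is not DirCMS code. It assumes the application escapes input at the byte level (addslashes-style) while the database connection decodes it as GBK, the usual precondition for wide-byte injection; the helper names and the sample table are constructed, and the last function shows the bound-parameter fix.

```python
import sqlite3

ESCAPED = {0x27, 0x22, 0x5C}  # ' " \

def addslashes(raw: bytes) -> bytes:
    """Byte-level escaping modelled on PHP addslashes(); it knows nothing about charsets."""
    out = bytearray()
    for b in raw:
        if b == 0x00:
            out += b"\\0"
            continue
        if b in ESCAPED:
            out.append(0x5C)
        out.append(b)
    return bytes(out)

def has_unescaped_quote(text: str) -> bool:
    """Scan as a SQL string-literal parser would: a backslash consumes the next character."""
    i = 0
    while i < len(text):
        if text[i] == "\\":
            i += 2
        elif text[i] == "'":
            return True
        else:
            i += 1
    return False

def quote_survives(raw: bytes, charset: str) -> bool:
    """True if escaping fails once the server decodes the bytes in `charset`."""
    return has_unescaped_quote(addslashes(raw).decode(charset, errors="replace"))

def lookup_bound(conn: sqlite3.Connection, keyword: str) -> list:
    """Mitigation: a bound parameter is never parsed as SQL, whatever bytes produced it."""
    return conn.execute("SELECT title FROM content WHERE title = ?", (keyword,)).fetchall()

def demo_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")  # constructed sample table
    conn.execute("CREATE TABLE content (title TEXT)")
    conn.execute("INSERT INTO content VALUES ('hello')")
    return conn

if __name__ == "__main__":
    sample = b"\xbf' order by 100#"  # the wylx value shown on the page, URL-decoded
    for cs in ("gbk", "latin-1", "utf-8"):
        print(cs, quote_survives(sample, cs))
    print(lookup_bound(demo_db(), sample.decode("gbk", errors="replace")))
```

In GBK the added backslash (0x5C) is absorbed as the trail byte of the character that starts with 0xBF, so the quote after it is left unescaped; in a single-byte charset or UTF-8 the backslash stays a separate character and the quote remains escaped.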