Lucene search
+L

1696 matches found

myhack58
myhack58
added 2012/06/17 12:0 a.m.17 views

Dedecms SQL injection lead to a review mechanism bypass vulnerability-vulnerability warning-the black bar safety net

! !...

2.8AI score
Exploits0
seebug.org
seebug.org
added 2012/05/29 12:0 a.m.15 views

织梦(dedecms) 5.7 /plus/car.php sql注入

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2012/05/03 12:0 a.m.19 views

DEDECMS 5.7之前版本远程SQL注入漏洞

DEDECMS是织梦内容管理系统,国内一款基于PHP+MySQL的技术开发的,支持多种服务器平台的PHP网站内容管理系统。 DEDECMS 5.7之前版本在实现上存在SQL注入漏洞,dedecms安装之后默认即开启漏洞模块,远程攻击者可能利用此漏洞非法操作数据库,导致泄露敏感信息或控制应用。 0 dedecms 5.7 临时解决方法: 如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁: 方案一、临时补丁 方案二、以网站管理员身份后台禁用会员功能 系统 - 系统基本参数 - 会员设置 - 是否开启会员功能 改为(否) 方案三、可考虑直接重命名或删除存在漏洞的文件...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2012/03/22 12:0 a.m.30 views

织梦(DedeCMS)后门远程代码执行漏洞

DEDECMS是织梦内容管理系统,国内一款基于PHP+MySQL的技术开发的,支持多种服务器平台的PHP网站内容管理系统。 DedeCMS某些版本/include/shopcar.class.php文件中,被添加后门代码,远程未验证的攻击者利用该后门可以执行任意命令。 0 dedecms 临时解决方法: 如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁: 直接找到站点include目录下shopcar.class.php文件,去掉里面的代码 @evalfilegetcontents'php://input';即可。 厂商补丁: dedecms -------...

7.1AI score
Exploits0
myhack58
myhack58
added 2012/03/22 12:0 a.m.154 views

dedecms 5.7 a word the back door using the exp-bug warning-the black bar safety net

author: a dance of the forest tx Twitter: http://t.qq.com/wulinlw Night to see this http://www.wooyun.org/bug.php?action=view&id=5 4 1 6 shopcar.class.php is implanted in the word @evalfilegetcontents'php://input'; Go to the official website under the set back, look at the following code,...

Exploits0
seebug.org
seebug.org
added 2012/03/21 12:0 a.m.18 views

DedeCMS V5.7 SP1 UTF-8 GBK版本shopcar.class.php被植入后门

No description provided by source...

7.1AI score
Exploits0
myhack58
myhack58
added 2012/01/05 12:0 a.m.15 views

DEDECMS recent xss 0day pass to kill all versions-bug warning-the black bar safety net

Vulnerability cause: due to Editor filter is not strict, will cause the malicious script to run. Can getshell Currently only tested on 5. 3 to 5. 7 version. Other earlier everyone is free to play. Here to talk about the use of the method. Condition 2: The 1. Open registration 2. Open submission...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2012/01/05 12:0 a.m.14 views

DEDECMS 5.7 友情链接flink-add.php XSS

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2012/01/01 12:0 a.m.26 views

Dede(织梦) CMS SQL Injection Vulnerability

No description provided by source. Dede Cms All Versions Sql Vulnerability Exploit / No Priv8 , Everything is Public Date: 30/12/2011 - 13:00 Author: CWH | Finded By : Nafsh We Are : Mr.M4st3r , Nafsh , SkoteVahshat , HijaX Support: Cyberwh.org Mail: [email protected] Software Website:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2011/12/31 12:0 a.m.26 views

织梦(DEDE)CMS V5.3 覆盖任意变量导致远程包含漏洞

织梦内容管理系统,最强大的中文开源CMS网站管理项目,使用PHP+MySQL架构。 在文件include/common.inc.php中: codeforeach$REQUEST as $k=$v //第10行 if strlen$k0 && eregi'^|cfg|GLOBALS',$k && !isset$COOKIE$k exit'Request var not allow!'; //如果以cfg开头的变量以cookie方式提交就可以通过。 if$FILES //第154行 requireonceDEDEINC.'/uploadsafe.inc.php'; /code...

7.1AI score
Exploits0
myhack58
myhack58
added 2011/12/30 12:0 a.m.23 views

Woven dream CMS system - visitors unlimited brush the top step on the value-vulnerability warning-the black bar safety net

Brief description: only tested DEDECMS V5. 7 system,the previous version of the estimates is the same. In the official address to be a simple test,should be regarded as a small BUG,using this you can infinite brush an article of the top/tread value. Detailed description: although the front page d...

7.1AI score
Exploits0
myhack58
myhack58
added 2011/12/17 12:0 a.m.65 views

dedecms any address jump-vulnerability warning-the black bar safety net

Brief description: dedecms any address jump Detailed description: http://www.dedecms.com/plus/download.php?open=1&link=aHR0cDovL3d3dy5iYWlkdS5jb20%3D $link = base64decodeurldecode$link; http://www.badguest.cn the link can be configured to any address, below to jump directly. header"location:$link...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2011/11/29 12:0 a.m.78 views

dedecms v5.5 final getwebshell exploit(datalistcp.class.php)

No description provided by source. ?php printr' +----------------------------------------+ dedecms v5.5 final getwebshell exploit +----------------------------------------+ '; if $argc 3 printr' +----------------------------------------+ Usage: php '.$argv0.' host path host: target server...

7.1AI score
Exploits0
myhack58
myhack58
added 2011/11/15 12:0 a.m.25 views

DEDECMS global variable overwrite vulnerability science-vulnerability warning-the black bar safety net

DEDECMS global variable overwrite vulnerability was first wolves security team 0 9 published in the official soften up until now didn't repair the vulnerability, and now covers substantially DEDECMS full version. Personal guess is not the official deliberately left the back door. The following...

0.5AI score
Exploits0
myhack58
myhack58
added 2011/10/24 12:0 a.m.22 views

Dedecms variable coverage vulnerability Exploit-vulnerability warning-the black bar safety net

Title: Dedecms variable coverage vulnerability Exploit Time: 2011-09-06 Team:MakeBug Author: cfKing / |/ | / | | | / / | | | | | | | / | / / / /| /| | / /| | | |/ / | | | || | | | | | | | | | / / |/ | | / / | | | | | | | | | | | | | \ / / | | / / | | | | | | | || | | || | | || | | | // || // || |...

0.7AI score
Exploits0
myhack58
myhack58
added 2011/10/24 12:0 a.m.713 views

Dede GetWebShell 0Day vulnerability analysis report-vulnerability warning-the black bar safety net

Recently a lot of websites is the explosion compromised, after a security Bao-wide laboratory research and analysis of these sites using DedeCMS CMS, DedeCMS broke a very serious vulnerability, an attacker can direct the server to write“word Trojan”in. DedeCMS vulnerability causes is mainly due t...

0.7AI score
Exploits0
myhack58
myhack58
added 2011/10/17 12:0 a.m.27 views

DEDECMS full version gotopage variable XSS ROOTKITS, 0DAY-vulnerability warning-the black bar safety net

Affected versions: DEDECMS full version The vulnerability described in: DEDECMS background landing template gotopage variable is not tested incoming data, leading toXSSvulnerabilities. \dede\templets\login.htm 6 5 the left and right input type="hidden" name="gotopage" value="? php if!...

1.3AI score
Exploits0
seebug.org
seebug.org
added 2011/10/16 12:0 a.m.23 views

dedecms 5.7 login.htm 跨站脚本漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2011/10/14 12:0 a.m.15 views

DEDECMS \dede\templets\login.htm gotopage变量XSS

No description provided by source. 1.复制粘贴下面的URL访问,触发XSS安装XSS ROOTKIT,注意IE8/9等会拦截URL类型的XSS漏洞,需关闭XSS筛选器。...

7.1AI score
Exploits0
myhack58
myhack58
added 2011/09/27 12:0 a.m.21 views

dedecms official template contains the word Trojan horse-vulnerability warning-the black bar safety net

Now the hacker more audacious Ah, in the Celestial Empire actually dare to do such a blatant thing. Should be a few days ago out of the dedecms the 0day. The official website is dated, and is in the style of the template inside the value into the The word Trojan. XXOO it. These days, what more...

0.5AI score
Exploits0
Rows per page
Query Builder