Lucene search

126 matches found

seebug.org
added 2014/05/09 12:0 a.m., 31 views

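Arbitrary file read in the ECMall admin backend

Brief description: Glad to see the ShopEx team has finally taken on this mess and released some of the ECMall patches. That is worth celebrating, but here is another reminder: the front-end injection has not been fully fixed yet, which I will not go into here. The ECMall admin backend has an arbitrary file read vulnerability that can be used to read server system files and more. Details: file admin\app\db.app.php line:198 function download $file = isset($_GET['file']) ? trim($_GET['file']) : ''; $backupname = isset($_GET['backupname']) ? trim($_GET['backupname']) : ''; if !$file...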

7.1 AI score
Exploits: 0
myhack58
added 2010/12/13 12:0 a.m., 10 views

Sulata iSoft (stream.php) local file inclusion vulnerability

Vulnerability type: file inclusion. Vulnerability description: the download function in stream.php does not strictly filter the path, resulting in a local file inclusion vulnerability that can load any file. Vulnerability analysis: stream.php ..... //include_once"../home/library.php"; the...

0.1 AI score
Exploits: 0
myhack58
added 2008/07/04 12:0 a.m., 20 views

Alibaba's Alipay controls exploit research

The Alibaba Alipay controls vulnerability has been controversial online. Some say the vulnerability exists and some say it does not, and I don't know whom to believe. However, without investigation one has no right to speak, so let us go looking for the answer ourselves. We first take a...

0.5 AI score
Exploits: 0
OSV
added 2006/06/07 12:2 a.m., 2 views

DEBIAN-CVE-2006-2875

Stack-based buffer overflow in the CL_ParseDownload function of Quake 3 Engine 1.32c and earlier, as used in multiple products, allows remote attackers to execute arbitrary code via a svc_download command with compressed data that triggers the overflow during expansion...

7.5 CVSS, 8.4 AI score, 0.06127 EPSS
Exploits: 0, References: 1
securityvulns
added 2004/12/25 12:0 a.m., 52 views

bug

Hello vuln, rpf bug. See the download function in the search dir. int download(char *url, char *package, char *ip) //REQUIRES: wget existence; url && package && ip != NULL //EFFECTS : download the package via wget char page[2048]; int status, i; status = 0; memset(page, 0x0, sizeof(page)); sprintf(page,...

0.7 AI score
Exploits: 0
CVE
added 2004/01/08 5:0 a.m., 61 views

CVE-2003-1028

CVE-2003-1028 : The vulnerability lies in the download function of Internet Explorer 6 SP1, where an HTTP response with an invalid Content-Type and a .htm file can disclose the cache directory name. This information disclosure could allow remote attackers to bypass security measures that rely on ...

5 CVSS, 7.1 AI score, 0.17763 EPSS
Exploits: 0, References: 6, Affected Software: 2