PT-2023-17800 · Unknown · Moxi624 Mogu Blog

Name of the Vulnerable Software and Affected Versions: moxi624 Mogu Blog v2 up to 5.2 Description: A problematic issue has been found in the software, affecting the function uploadPictureByUrl of the file /mogu-picture/file/uploadPicsByUrl. The manipulation of the argument urlList leads to absolu...

Mogu blog 路径遍历漏洞

Mogu blog is a micro-architecture based front-end and back-end shared blog system by individual developers in Streamlet, China. Mogu Blog v2 to 5.2 version of the path traversal vulnerability , the vulnerability stems from the path /mogu-picture/file/uploadPicsByUrl in the uploadPictureByUrl...

Houben figure enterprise website system cookies injection-vulnerability warning-the black bar safety net

Based on asp+access corporate website source code, database has been provided with an anti-download the site more secure. To modify a site, custom your own to the page, and landscaping page is your own complete, website source code program is complete, the background powerful. Source code downloa...

Amoy Royal Taobao guest security vulnerabilities and fixes-vulnerability warning-the black bar safety net

Official website: http://www.taodisoft.com 1, demo Station background turned out to have a place to upload pictures, does not prohibit the upload. 2, the upload image simple filtration, easy to break, Upload a php file, and can be executed. 3, the servervpsconfiguration severe lower, get a webshe...

Dig Emperor Management Platform security vulnerabilities-vulnerability warning-the black bar safety net

Official website: 1, demo Station background turned out to have a place to upload pictures, does not prohibit the upload. 2, the upload image simple filtration, easy to break, Upload a php file, and can be executed. 3, the servervpsconfiguration severe lower, get a webshell directly after is a...

High-speed Ankang School Site program v3. 1. 1 cookie injection vulnerability-vulnerability warning-the black bar safety net

PS:seems to be oyaya kernel. Use the system notes: 1. The present program consists of extreme well-being and development,the symbolic charge a little Fee for everyone to use! 2. The present system for sharing procedures,the user the freedom to choose whether to use,in use, any problems and losses...

Concave Yaya news publishing system ACC version SQL Edition latest through the kill injection 0day-vulnerability warning-the black bar safety net

Use code: javascript:alertdocument. cookie="BigClassName="+escape"%2 5' and 1=2 union select 1,admin,3,password,5,6,7,8,9,1 0,1 1,1 2,1 3 from admin where 1=1 and 'a'='a"; Open thepage, then in the first page of the IE address bar above the use of the code, and then access the? Page refresh time,...

The latest SMSJ Version 8.0 vulnerability-vulnerability warning-the black bar safety net

Author:rover Help a friend testing the site's security, using SMSJ Version 8.0, known as the imitation of the Alibaba stuff, the registered enterprise members, login Manager, find the upload pictures will be categorized into one http://www. rover. com/UserDocument/your registered member account...