The use of PHP 7 is due to the OPcache execute PHP code-bug warning-the black bar safety net

from:http://blog. gosecure. ca/2 0 1 6/0 4/2 7/binary-webshell-through-opcache-in-php-7/ In the PHP 7.0 release at the beginning, there are a lot of PHP developers for its performance improvement is very attention. In the introduction of OPcache, PHP performance has been greatly improved, many...

Oracle Application Testing Suite 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload

Exploit for jsp platform in category web applications Exploit Title: Oracle Application Testing Suite Authentication Bypass and Arbitrary File Upload Remote Exploit Exploit Author: Zhou Yu Vendor Homepage: http://www.oracle.com/ Software Link:...

Arbitrary File Download and Backdoor Vulnerability in Call Center System of Shenzhen Jishu Communication Co.

Ltd. The kernel of the call center system is the communication-based enterprise internal and external communication and liaison system, and the core part is the switching system PBX Private Branch Exchange. There are arbitrary file downloads and backdoor vulnerabilities in the call center system ...

PHPYUN任意文件上传导致GETSHELL

简要描述： 简单到你难以想象，只要网站还可以注册就可以GETSHELL，无视GPC,无视WAF。4.1beta版本，其他版本未测 详细说明： 1.在审计PHPYUN的时候一度对PHPYUN的WAF非常无语，但是在大家都痴迷于寻找SQL注入漏洞的时候，确实忽略了一个很简单的上传漏洞。首先定位到漏洞文件wap/member/model/index.class.php function photoaction if$POST'submit' pregmatch'/^data:\simage/\w+;base64,/', $POST'uimage', $result;...

Multiple vulnerabilities in the Nepalese national government's common website building system

Nepal National Government Universal System NGUS is a website builder system. There are multiple vulnerabilities in the NGN Universal System that can be exploited by an attacker to obtain sensitive information from the database, upload a webshell, and gain access to the server...

OCS Inventory NG 2.2 - SQL Injection

OCS Inventory NG 2.2 - SQL Injection Exploit Title: OCS Inventory NG /ocsreports/index.php?function=visusearch - Time-based SQL Injection Choose a parameter, use EXACTLY operator: ' union select sleep5; - Code execution Bypass input escape and write to filesystem webshell PoC: ' union select...

SIMOGEO FileManager 2.3.0 File Upload

Exploit Title: SIMOGEO FileManager 2.3.0 - File Upload Vulnerability Date: 2015-12-09 Exploit Author: HaHwul Exploit Author Blog: http://www.codeblack.net Vendor Homepage: https://github.com/simogeo/Filemanager Software Link: git clone http://github.com/simogeo/Filemanager.git Version: 2.3.0 Test...

Digital Paradise Mobile Office Middleware Interface Arbitrary File Write Vulnerability

Digital Paradise's MKey3G mobile office middleware is an enterprise-oriented application BYOD middleware platform, which has been widely used in energy, finance, government and enterprises. There is an arbitrary file writing vulnerability in the interface of Digital Paradise's mobile office...

Kangle虚拟主机本地文件包含漏洞

测试环境：kangle-3.3.9.msi，ep-2.6.4.exe（官方4-18日更新），windows XP 首先安装kangle server，然后安装easypanel，安装成功后访问http://127.0.0.1:3312/，会自动跳转到http://127.0.0.1:3312/vhost/?c=session&a=loginForm。 然后随便输入用户名密码登陆，如图发送的请求： 然后修改请求url中的参数c的值，将session改为： C=../../../../../../../../../../../windows/system.ini%00...

KingTop CMS -- Tupy Technology Backend File Upload Vulnerability

KingTop CMS is a set of easy to learn , simple operation of the open source content management system . KingTop CMS -- Tupy Technology backend file upload vulnerability , attackers can upload webshell through the vulnerability , so as to obtain sensitive information...

E-commerce platform of Beijing 3D World Technology Co., Ltd. suffers from java deserialization vulnerability

Ltd. is a professional software and application service provider of domestic inspection and testing management platform, master data management platform, e-commerce platform and so on. A java deserialization vulnerability exists in the e-commerce platform of Beijing 3D World Technology Co., Ltd...

WordPress Revslider 插件任意文件上传漏洞与任意文件下载漏洞 (SoakSoak)

漏洞描述 据报道，此次SoakSoak恶意软件在大量WordPress站点中的爆发源于一款名为Revslider的幻灯片插件，该插件曾被爆多个安全漏洞，涉及任意文件下载、任意文件上传等。Revslider由ThemePunch出品，属于一款商业性插件（收费），因其具有强大的功能和良好的易用性而有着不错的销量，并且在ThemePunch出品的一些WordPress主题中也自带有该款插件。...

Blade - A Webshell Connection Tool With Customized WAF Bypass Payloads

Blade is a webshell connection tool based on console, currently under development and aims to be a choice of replacement of Chooper 中国菜刀. Chooper is a very cool webshell client with widly typies of server side scripts supported, but Chooper can only work on Windows opreation system, so this is th...

Arbitrary File Upload Vulnerability in Broadband Authentication and Billing System of Chengdu Starry Blue Ocean Network Technology Co.

Blue Ocean Premier Broadband Access Gateway is a specialized intelligent device for Ethernet broadband access. An arbitrary file upload vulnerability exists in the broadband authentication billing system of Chengdu Starry Blue Ocean Network Technology Co., Ltd. An upload point exists in the...

aspcms后台备份逻辑错误导致被注入一句话木马

简要描述： aspcms后台的备份逻辑存在严重的逻辑问题，可导致一句话木马被“引入”执行 详细说明： 众所周知，对以xxx.asp命名的access数据库，只要插入著名的一句话： ┼攠數畣整爠煥敵瑳∨≡┩愾 访问该asp即可得到webshell aspcmsv2.5.8 最新版虽然对正在使用的数据库的名字加了号，导致无法直接访问，但是数据库的备份功能却是直接把数据备份成了 xxx.asp 导致访问备份的数据库网址即可得到webshell 利用过程： 1、在站点前台留言本以 " ┼攠數畣整爠煥敵瑳∨≡┩愾 "做标题留言一则...

LuManager high-risk SQL injection 0day analysis-vulnerability warning-the black bar safety net

2 0 1 5 year 9 month 7 day Ali cloud shield situational awareness system captures the LuManager system of 0day a gold that confirmed that the vulnerabilities once a hacker can use directly to the highest authority of the login background, upload webshell, the control system database, the operatio...

SIMOGEO FileManager 2.3.0 - Multiple Vulnerabilities

Exploit Title: SIMOGEO FileManager 2.3.0 - Path Traversal Vulnerability Date: 2015-12-09 Exploit Author: HaHwul Exploit Author Blog: http://www.codeblack.net Vendor Homepage: https://github.com/simogeo/Filemanager Software Link: git clone http://github.com/simogeo/Filemanager.git Version: 2.3.0...

Automatic SQL Database Injection: jSQL Injection

jSQL Injection is a lightweight application used to find database information from a distant server. Tool is free, open source and cross-platform Windows, Linux, Mac OS X, Solaris. Features: GET, POST, header, cookie methods Normal, error based, blind, time based algorithms Automatic best algorit...

b374k 3.2.3 2.8 CSRF / Command Injection Vulnerabilities

b374k web shell versions 2.8 and 3.2.3 suffer from a cross site request forgery vulnerability that allows for remote command injection. Vendor: ============================================ github.com/b374k/b374k code.google.com/p/b374k-shell/downloads/list code.google.com/archive/p/b374k-shell/...

b374k 3.2.3 2.8 CSRF / Command Injection

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-B374K-CSRF-CMD-INJECTION.txt Vendor: ============================================ github.com/b374k/b374k code.google.com/p/b374k-shell/downloads/list...