2120 matches found
Asprain forum for registered users to upload pictures you can get a webshell-vulnerability warning-the black bar safety net
Asprain is a suitable for all primary and secondary schools, secondary school, technical school, vocational high-building campus Forum, students Forum, some teaching and research departments, companies build internal Forum, IT technology enthusiasts building technology exchange Forum Free Forum...
易分销系统存在geshell漏洞
简要描述: 该漏洞可以在后台直接执行任意PHP脚本文件,可以直接获取webshell,拿到整个服务器权限。sn 详细说明: 首先 在http://shop.fenxiaowang.com/ 免费注册一个账号,获得试用后台地址 然后:登陆试用后台- 页面管理-模板编辑 然后:构造url :index.phpctl=system/template&act=editor&p0=b2bdgfc&p1=xxx.php 通过查看 模板图片即可知道模板路径 ,然后执行你构造的网马 即可获得webshell 漏洞证明:...
Amoy Royal Taobao guest security vulnerabilities and fixes-vulnerability warning-the black bar safety net
Official website: http://www.taodisoft.com 1, demo Station background turned out to have a place to upload pictures, does not prohibit the upload. 2, the upload image simple filtration, easy to break, Upload a php file, and can be executed. 3, the servervpsconfiguration severe lower, get a webshe...
Zhuo Xun intelligent site management system EmteEasySite vulnerability+get webshell method-vulnerability warning-the black bar safety net
Zhuo Xun intelligent site management system EmteEasySite Official website:http://www. emte. com. cn/ Baidu search: Technical support:Zhuo Information Technology Directly into the background to see the copyright is not EmteEasy system /main/login. asp Exploit: The default database address can be...
phpMyAdmin3 (pma3) - Remote Code Execution
!/usr/bin/env python coding=utf-8 pma3 - phpMyAdmin3 remote code execute exploit Author: wofeiwo Thx Superhei Tested on: 3.1.1, 3.2.1, 3.4.3 CVE: CVE-2011-2505, CVE-2011-2506 Date: 2011-07-08 Have fun, DO NOT USE IT TO DO BAD THING. Requirements: 1. "config" directory must created&writeable in pm...
AspCms_v1. 5_2011. 0 3. 0 3 0day vulnerabilities-vulnerability warning-the black bar safety net
AspCmsv1. 52011. 0 3. 0 3 0day vulnerabilities akastN. S. T Adescription ASPCMS is composed of Wuhan on the valley network Technology Co., Ltd. based on ASP+Accesssql2000developed and fully open-source set of built Station system, mainly for enterprises to quickly build simple, efficient, easy to...
Dig Emperor Management Platform security vulnerabilities-vulnerability warning-the black bar safety net
Official website: 1, demo Station background turned out to have a place to upload pictures, does not prohibit the upload. 2, the upload image simple filtration, easy to break, Upload a php file, and can be executed. 3, the servervpsconfiguration severe lower, get a webshell directly after is a...
WanHu ezEIP 2. 0 injection vulnerability 0day-vulnerability warning-the black bar safety net
System name: WanHu ezEIP System version: 2.0 Vulnerability found by: Akast N. S. T Security team: Neuron Security Team Vulnerability type: SQL injection Vulnerability file:/caseinfo. asp Vulnerability variable: Newid=1&cid=1 Software type: business software Development company: Guangzhou million...
Kingtop content management software injection 0day vulnerabilities and fixes-vulnerability warning-the black bar safety net
System name: Kingtop content management software System version: all versions Vulnerability found by: Akast N. S. T Security team: Neuron Security Team Vulnerability type: SQL injection Vulnerability file:/news/index. aspx Vulnerability variable: MenuID Software type: business software Developmen...
WanHu ezEIP 2.0 injection vulnerability and fix-vulnerability warning-the black bar safety net
Vulnerability author: akast Detailed description: Vulnerability file:/caseinfo. asp Vulnerability variable: Newid=1&cid=1 Software type: business software Vulnerability Description: The You can use the injection vulnerability to get the site administrator permissions, so you can login to the...
Analysis of the postgresql database attack techniques II-vulnerability warning-the black bar safety net
You can see we broke up in a field for the name, then we continue incrementing the offset value, to obtain the other field, as shown in Figure 9 and 1=2 union select 1,columnname,'3','4' from informationschema. the columns where tablename='admins' offset 2 limit 1-- ! Figure 9 Field passowrd is...
For JBoss vulnerability to obtain Webshell-vulnerability warning-the black bar safety net
JBoss is a large application platform, ordinary users is difficult to come into contact with. The more difficult to contact something the more I advanced, to borrow a Beijing bus driver Lee su Li of the word“force can only dry out the incompetent, hard to dry out outstanding”, in security is also...
Old Y article management system default database-vulnerability-vulnerability warning-the black bar safety net
Keywords: Powered by laoy8! Words for a sister to say that she has a article blog, for a moment, heart starting to see is a sprinkle system, The results of a look at the old Y, ASP! Apart from anything else directly sweeping the injection, can be swept for a long time is not injection point of...
Hishop(latest edition) 5.4&5.4.1 SQL Injection Exploit[0day]-vulnerability warning-the black bar safety net
hishop since 0 9 in 5.1 and 5. 1. 3 explosion over the vulnerability after it didn't burst. Some time ago, looked under, to find an injection point, but the statement is a bit complex and also filter the underlined table name which has an underscore, so need special configuration, This injection...
dedecms 5.7 the background to get SHELL vulnerability-vulnerability warning-the black bar safety net
| dedecms 5.7 teach the previous version has been greatly improved, Repair the 5. 6 The following version serious uploaded 0day; and Quite tasteless, the premise is to have background permissions. Since the system comes with a file Manager Plug-In does not filter the file upload and after editing...
DEDECMS vulnerability 0day member\index_do. php-vulnerability warning-the black bar safety net
Published author: the mind Affected versions: dedecms Official website: http://www.dedecms.com Vulnerability type: design error Vulnerability description: Vulnerability code: member\indexdo.php else if$fmdo=='login' // http://127.0.0.1/member/indexdo.php?fmdo=login&dopost=login came to this step...
osCommerce 2.3.1 (banner_manager.php)remote file upload vulnerability-vulnerability warning-the black bar safety net
osCommerce is an open source eCommerce program, osCommerce 2.3. 1 bannermanager. php file upload vulnerability can lead an attacker directly access the webshell on. +info: osCommerce 2.3.1 bannermanager.php Remote File Upload Vulnerability Google Dork: powered by oscommerce we will automatically...
Discuz! NT 3.1.0 后台拿webshell
简要描述: 通过后台写入执行代码,直接拿到webshell,从而掌握服务器权限。 详细说明: 1、访问http://127.0.0.1/admin/global/globaltemplatesedit.aspx?path=../tools/&filename=rss.aspx&templateid=1&templatename=Default,写入aspx木马。 2、写入aspx木马后,访问http://127.0.0.1/tools/rss.aspx就可以了。 漏洞证明:...
Discuz! NT 3.1.0 后台拿webshell
简要描述: 通过后台写入aspx木马,直接拿到webshell,然后获取整个服务器权限。 详细说明: 1、访问http://127.0.0.1/admin/global/globaltemplatesedit.aspx?path=../tools/&filename=rss.aspx&templateid=1&templatename=Default,写入aspx木马。 2、写入aspx木马后,访问http://127.0.0.1/tools/rss.aspx就可以了。 漏洞证明:...
DZ-X1. 5 Forum latest backstage get WebShell-vulnerability warning-the black bar safety net
Discuz! X is Kang Sheng Chong want Comsenz launch of a community-based professional jianzhan platform, Forum, BBS, the personal space of SNS, the portal(Portal), group Group, application of open platform the Open Platform for full integration in one, help website realize one-stop service. Look...