14 matches found
Code Execution Vulnerability in ZZCMS asp Version
ZZCMS is a completely open source based on PHP, ASP's product investment website management system , project investment website management system , enterprise website management system . ZZCMS asp version of the existence of code execution vulnerabilities , attackers can use the vulnerability to...
MailEnable Enterprise <= 2.0 (ASP Version) Multiple Vulnerabilities
No description provided by source. Hi, I'm Soroush Dalili from GrayHatz Security Group GSG. I found multiple bugs in MailEnable Enterprise Edition ASP Version = 2.0 that I listed them below: 1 - Any user can login to web administration site. 2 - Authenticated normal user can gain ADMIN or SYSADMI...
FoosunCms(wind noise cms) asp version sql vulnerability attached to the exp-bug warning-the black bar safety net
FoosunCms the asp version getshell In the file\User\award\awardAction. asp: Integral=NoSqlHackrequest. QueryString"Integral" if action="join" then UserConn. execute"Insert into FSMEUserPrize prizeid,usernumber,awardID values" CintStrprizeID&",'"&session"FSUserNumber"&"'," CintStrawardID&"" 'Get t...
FCKEditor 2.6.8 file upload and CKFinder/FCKEditor DoS vulnerability-vulnerability warning-the black bar safety net
Thanks to the endless in freebuf community”share the mission”to give a clue, only with this article Original post: http://club.freebuf.com/?/question/129reply12 FCKEditor 2.6.8 file upload vulnerability Exploit-db on the original as follows: - Title: FCKEditor 2.6.8 ASP Version File Upload...
The latest FCKEditor ASP upload bypass vulnerability-vulnerability warning-the black bar safety net
exploiut-db: FCKEditor ASP Version 2.6.8 File Upload Protection Bypass - Title: FCKEditor 2.6.8 ASP Version File Upload Protection bypass - Credit goes to: Mostafa Azizi, Soroush Dalili - Link:http://sourceforge. net/projects/fckeditor/files/FCKeditor/ - Description: There is no validation on...
TAYGOD free enterprise built Station system vulnerability TAYGOD 0day-vulnerability warning-the black bar safety net
A system description TAYGOD free enterprise built Station system is an open source FREE program that you can TAYGOD free enterprise built Station system ASP version is a tool based on asp+access free open source website system. The entire design of the system structure, fully consider the SME...
Deep-throat enterprise website management system ASP version get shell-vulnerability warning-the black bar safety net
| ! View the version http://www.0day.com/SHLCMS 说明 文档 .htm In the system configurationaboveof the company Chinese name of the Insert"%%eval request"a"%%s=" after connection/Config/config. asp,password a OK ---...
Ding Feng enterprises smart built Station system injection search injection vulnerability analysis and exploit-vulnerability warning-the black bar safety net
Author: Mo if you are asked Version: Ding Feng enterprises smart built Station system ASP version V0. 3. 6 Yesterday the use of this system to get a webshell, but is the use of download the default database, the latter the discoverer of the system interface's also good, by the look of IT security...
Dana Portal Remote Change Admin Password Exploit
No description provided by source. !/usr/bin/python Abysssec Inc Public Exploit Code Title : Dana Portal Remote Change Admin Password Exploit Affected Version : ASP Version Vulnerable File : albumdetail.asp Vendor Site : www.dana.ir note : no point to keep it private anymore . This exploit ueses ...
Dana Portal - Remote Change Admin Password
Dana Portal - Remote Change Admin Password !/usr/bin/python Abysssec Inc Public Exploit Code Title : Dana Portal Remote Change Admin Password Exploit Affected Version : ASP Version Vulnerable File : albumdetail.asp Vendor Site : www.dana.ir note : no point to keep it private anymore . This exploi...
Dana Portal Remote Change Admin Password Exploit
Exploit for unknown platform in category web applications ================================================ Dana Portal Remote Change Admin Password Exploit ================================================ !/usr/bin/python Abysssec Inc Public Exploit Code Title : Dana Portal Remote Change Admin...
Dana Portal - Remote Change Admin Password
!/usr/bin/python Abysssec Inc Public Exploit Code Title : Dana Portal Remote Change Admin Password Exploit Affected Version : ASP Version Vulnerable File : albumdetail.asp Vendor Site : www.dana.ir note : no point to keep it private anymore . This exploit ueses of sql injection vulnerability exis...
vp-asp-new.txt
VP-ASP 6.00-6.08? SQL Injection / Exploit by [email protected] I'm not responsible for any illegal actions taken by people using the information in this document, if you don't agree please stop reading and close this text document asap. this information is for educational purposes only! ...
MidiCart PHP - 'Item_List.php?SecondGroup' SQL Injection
source: https://www.securityfocus.com/bid/13514/info MidiCart PHP is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data...