kesionCMS 8.0 background holding shell vulnerability-vulnerability warning-the black bar safety net

Some time ago Ghost brother, made a kesion arbitrary download vulnerability on the holding shell further generations. In fact, take the shell was very simple. Method of much is. Just a brother to me get a shell, I just made a to get the shell methods for your reference. The point of sql command...

BBSxp HTMLEncode过滤函数过滤不严导致绕过漏洞

BBSXP为一款简单的ASP+SQL与ACCESS开发的多风格论坛 目前最新版本为BBSXP2008。 官方最新过滤函数HTMLEncode,这次过滤了字符 ,再一次绕过过滤注射 Function HTMLEncodefString fString=ReplacefString,CHR9,"" fString=ReplacefString,CHR13,"" fString=ReplacefString,CHR22,"" fString=ReplacefString,CHR38,"&" '“&” fString=ReplacefString,CHR32," " '“ ”...

Have to say by the campus network see Network Security status-vulnerability warning-the black bar safety net

Preface originally really do not want to write this article, but really can not let people endure. Did not expect the school campus network security situation is actually so bad, one of the most impressive Willy-nilly. Or administrator of quality and safety awareness. Status of the recall a year...