CVE-2021-37270
There is an unauthorized access vulnerability in the CMS Enterprise Website Construction System 5.0. Attackers can use this vulnerability to directly access the specified background path without logging in to the background to obtain the background administrator authority...
Unauthorized access vulnerability in S-CMS enterprise website building system (CNVD-2021-00044)
The S-CMS enterprise website building system is an enterprise website building solution developed by Zibo Shining Network Technology Co., Ltd. There is an unauthorized access vulnerability in S-CMS, which can be exploited by an attacker to gain administrator privileges witho...
DedeEIMS v1.1 background path disclosure - vulnerability warning - the black bar safety net
include/dialog/config.php: //Test user login status $cuserLogin = new userLogin(); if($cuserLogin->getUserID()==-1) { if($cuserLogin->adminDir=='') { exit('Request Error!'); } $gurl = "../../{$cuserLogin->adminDir}/login.php?gotopage=".urlencode($dedeNowurl); echo ""; exit(); } http://www.xxx.com/include/dialog/config.ph...
QVODCMS V4.0 vulnerabilities: exploitation and repair - vulnerability warning - the black bar safety net
First, upload: located at admin/Fckeditor/maxcmsupload.htm; you can directly access maxcmsupload.htm: <form name="form" id="form" enctype="multipart/form-data" action="maxcmsupload.asp?act=up" method=post>, which calls maxcmsupload.asp. maxcmsupload.asp: 'www.2cto.com determine the file type if...
Amoy Royal Taobao guest security vulnerabilities and fixes - vulnerability warning - the black bar safety net
Official website: http://www.taodisoft.com 1. The demo site's background turned out to have a place to upload pictures, and uploading is not prohibited. 2. The uploaded image is only simply filtered, which is easy to bypass; a PHP file can be uploaded and executed. 3. The server (VPS) configuration is severely weak, get a webshe...
Dig Emperor Management Platform security vulnerabilities - vulnerability warning - the black bar safety net
Official website: 1. The demo site's background turned out to have a place to upload pictures, and uploading is not prohibited. 2. The uploaded image is only simply filtered, which is easy to bypass; a PHP file can be uploaded and executed. 3. The server (VPS) configuration is severely weak, get a webshell directly after is a...
ecshop shop system is a variant of the invasion-bug warning-the black bar safety net
EXP variant code: search.php?encode=YToxOntzOjQ6ImF0dHIiO2E6MTp7czoxmju6ijenksbhbmqgmt0yiedst1vqiejzigdvb2rzx2lkihvuaw9uigfsbcbzzwxly3qgy29uy2f0khvzzxjfbmftzswwednhlhbhc3n3b3jklccixccpihvuaw9uihnlbgvjdcaxiyinkswxigzyb20gzwnzx2fkbwlux3vzzxijijtzoje6ijeio319 For example: http://www.. com/searc...
Le tour travel site management system v1.7.3 0day - vulnerability warning - the black bar safety net
Author: Lan3a First: AdminPassod.asp under the administrator directory: <!--#include file="../Include/conn.asp"--> <!--#include file="../Include/md5.asp"--> <% select case request.QueryString("Action") case "ModifyPass" SaveNewPass case else end select set rs = server.createobject("adodb.recordset")...
Teach you to quickly locate the target website source code - bug warning - the black bar safety net
First, look at an example: the target site is a shopping site, where the path that the "My selling" section points to is mycsproc.asp. This page name is very distinctive. Go to www.seeknot.com, enter mycsproc.asp in the search bar, select the default directory lookup method, to submit...