Network fun website management system V2. 1 The official version of 0day-vulnerability warning-the black bar safety net

Author: Samy source: bug 1. asp : % Response. Cookies"KuUSER""UserName"="" userid=request. querystring"userid" % % set rsmsg=server. createobject"adodb. recordset" sqlmsg="select from Comuser where comid="&userid&"" rem get the data without the filter rsmsg. open sqlmsg,conn,1,3 if rsmsg. eof and...

ZCMS 1.3 final background verification bypass vulnerability and solution-vulnerability warning-the black bar safety net

Brief description: SSO. jsp The file is a logic error Detailed description: SSO. a jsp file is a logic error % String username = request. getParameter"u"; String time = request. getParameter"t"; String str = request. getParameter"s"; String key = "WIU%&DJAJKL%^WDLJIST"; String s = StringUtil...

phpstcms (STCMS music system) to bypass the backend authentication method-vulnerability warning-the black bar safety net

Published author: the mind Vulnerability type: background verification Vulnerability analysis: a music system-0-in! Throw in the hard disk is also equal to moldy, classic white look at the code. Vulnerability exists in“common.inc.php”file, as follows. phpstcms STCMS music system to bypass the...

PHP Hosting Directory 2.0 background verification bypass vulnerability and fix-vulnerability warning-the black bar safety net

PHP Hosting Directory 2.0 program background verification is not strictly, can lead to bypass the password verification sign in the background. Google: "powered by PHP Hosting Directory 2.0" Default background:http://127.0.0.1/admin Use method: Do not need to enter any password, through cookies...

PHP Hosting Directory 2.0 background verification bypass vulnerability-vulnerability warning-the black bar safety net

PHP Hosting Directory 2.0 program background verification is not strictly, can lead to bypass the password verification sign in the background. Google: "powered by PHP Hosting Directory 2.0" Default background:http://127.0.0.1/admin Use method: Do not need to enter any password, through cookies...

Sablog-X 2.0 admin permissions spoofing vulnerability-vulnerability warning-the black bar safety net

Published:2010-02-24 Affected version: Sablog-X 2.0 Vulnerability description: // cp.php if !$ saxuid || !$ saxpw || !$ saxlogincount || !$ saxhash // As long as this condition is not satisfied,it can be through the background of the permission to verify. loginpage; ... if $saxgroup == 1 // If yo...

Micro's Articles system v1. 5 1 vulnerability-vulnerability warning-the black bar safety net

This system previously it was analysed today see with the updated version so download the back to see The previous vulnerability is up, but new holes came a is upload vulnerability A is background injection The first says that transfer in /manage/video/upfilesoft. asp does not contain the...