Lucene search

6 matches found

myhack58
added 2011/01/11 12:0 a.m., 11 views

Analysis of directory traversal vulnerabilities in PHP programs - vulnerability warning - the black bar safety net

| The depths of winter and the eve of Directory traversal vulnerabilities have many different names both at home and abroad; for example, they can also be called information leakage vulnerabilities or unauthorized file inclusion vulnerabilities. The names vary, but they have a common origin, which is in the program n...

7.5 AI score
Exploits 0

myhack58
added 2009/08/10 12:0 a.m., 8 views

0day in a foreign blog program - vulnerability warning - the black bar safety net

Author: YJPS reprint please indicate the Recently, out of boredom, I wandered around foreign sites and saw a nice blog system where you can register a user and be assigned a second-level directory. Out of more boredom I went on to test it; the results of the analysis follow. Site: Vulnerability...

7 AI score
Exploits 0

seebug.org
added 2009/05/20 12:0 a.m., 13 views

Oblog multi-user blog program: unauthorized access vulnerability in the attachment.asp page

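The oBlog multi-user blog program is currently the most widely used blog program in China. The OBLOG program is already deployed on tens of thousands of websites in China, reaches tens of millions of Internet users there, has passed strict testing by more than a thousand well-known websites, and has been called the number one program for building blog sites in China. Vulnerable file: attachment.asp 1. !-- include file= inc/incsyssite.asp -- 2. % 3. Dim Path,rs,FileID,ShowDownErr,uid,fileext 4. Dim SQL 5. Path = TrimRequest path 6. FileID = TrimRequest...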

7.6 AI score
Exploits 0

myhack58
added 2008/09/30 12:0 a.m., 16 views

Z-Blog infinite loop vulnerability attack causes frequent pop-ups on blogs - vulnerability warning - the black bar safety net

Writing a blog is now part of everyday life for many people. Many users like to use a blog as a diary to record their lives and thoughts, but because a blog is a personal journal, its security seems to be ignored by many users. Can personal blog security really be ignored? A lot ...

7.6 AI score
Exploits 0

seebug.org
added 2008/07/21 12:0 a.m., 13 views

Z-blog FUNCTION/c_function.asp cross-site scripting vulnerability

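Z-Blog is a blog program built on the ASP platform. It supports WAP and browsers such as Firefox and Opera, is very widely used in China, and has its official homepage at http://www.rainbowsoft.org/. Z-blog's code is rigorous, its front end is simple and its back end is powerful, which gives the product a considerable security advantage. However, after the previous XSS vulnerability was published, 80sec found another serious cross-site scripting vulnerability in the product which, combined with some problems in the product's design, may have serious consequences. In FUNCTION/cfunction.asp there is a flaw in how the program handles UBB tags, which allows any user to execute arbitrary JS code in the target page; with that code a malicious user can obtain full privileges on the target site. The vulnerable code is as follows...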

7.1 AI score
Exploits 0

seebug.org
added 2006/08/20 12:0 a.m., 65 views

WebspotBlogging login.php remote SQL injection vulnerability

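BUGTRAQ ID: 16319 CVE(CAN) ID: CVE-2006-0324 WebspotBlogging is a blog program written in PHP. WebspotBlogging does not properly and sufficiently filter user-supplied parameters; a remote attacker can exploit this vulnerability to perform unauthorized database operations and bypass authentication. The login.php script of WebspotBlogging does not sufficiently filter the user-supplied username parameter; a remote attacker can gain unauthorized access to the database by inserting specific SQL commands into the input data. WebspotBlogging WebspotBlogging 3.0 WebspotBlogging ---------------...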

7.5 CVSS, 6.5 AI score, 0.01685 EPSS
Exploits 2