web-app-pentest-altoromutual

Web Application Penetration Test — AltoroMutual demo.testfire...

phpyun 任意用户密码修改两处 (秒破/demo测试)

简要描述： 好久没看过php了。。。。 如题咯。 详细说明： 来看到找回密码的地方。 app/controller/forgetpwd/index.class.php function sendaction $username=yuniconv"utf-8","gbk",$POST'username'; if!$this-CheckRegUser$username&&!$this-CheckRegEmail$username $res'msg'=yuniconv"gbk","utf-8","用户名不符合规范！"; $res'type'='8'; echo...

XDcms订餐网站系统单店版注入(demo测试)

简要描述： rt 详细说明： 黑盒demo测试 首先注册一个用户，然后修改用户资料 http://dd.xdcms.cn/index.php?m=member&f=edit 修改完成之后，下单点餐。 然后报错了。二次注入 由于demo有安全狗，就没用深入测试了。 漏洞证明：...

shop7z某版本一枚SQL注入

简要描述： 这是补充的，，， 详细说明： 这是补充的，，， shop7z某版本一枚SQL注入（demo测试） 版本：Shop7z网上购物系统V3.7 http://down.chinaz.com/soft/35103.htm SQL注入漏洞文件：showone.asp 注入参数：lid= demo测试：http://www.shop7z.com/demo/showone.asp?lid=44 漏洞证明： 可搜索到案例： http://www.hpego.com/showone.asp?lid=41 http://www.kcp88.com/showone.asp?lid=55...

ESPCMS最新版后台登入绕过DEMO测试

简要描述： 漏网之鱼，同样是加解密函数，但又与以前不同。 详细说明： 看看加解密函数 function eccode$string, $operation = 'DECODE', $key = '@LFK24s224%@safS3s%1f%', $mcrype = true $result = null; if $operation == 'ENCODE' if extensionloaded'mcrypt' && $mcrype $result = $this-encryptCookie$string, $key; else for $i = 0; $i...

phpmps通用SQL注入（demo测试成功）

简要描述： phpmps通用SQL注入（demo测试成功） 详细说明： 版本下载地址： http://www.phpmps.com/down/phpmpsv2.3build140305utf8.zip http://www.phpmps.com/demo/admin/login.php 使用admin/gxy123123登录成功： SQL注入EXP：...

articlepro-sql.txt

Kira has decide be back after halloween Discovered by : Mountassif Moad Type Gap : Blind Sql Injection Script : Article Publisher Pro : http://www.phparticlescript.com/ Greetz : Allah , All my freind P0c : http://localhost/contactauthor.php?userid=1+and+1=1 true...

Article Publisher PRO (userid) Remote SQL Injection Exploit

No description provided by source. Kira has decide be back after halloween Discovered by : Mountassif Moad Type Gap : Blind Sql Injection Script : Article Publisher Pro : http://www.phparticlescript.com/ Greetz : Allah , All my freind P0c : http://localhost/contactauthor.php?userid=1+and+1=1 true...

Article Publisher PRO (userid) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications =========================================================== Article Publisher PRO userid Remote SQL Injection Exploit =========================================================== Kira has decide be back after halloween Discovered by :...

Article Publisher PRO - 'userid' SQL Injection

Kira has decide be back after halloween Discovered by : Mountassif Moad Type Gap : Blind Sql Injection Script : Article Publisher Pro : http://www.phparticlescript.com/ Greetz : Allah , All my freind P0c : http://localhost/contactauthor.php?userid=1+and+1=1 true...

CVE-2003-1143

Croteam Serious Sam demo test 2 2.1a, Serious Sam: the First Encounter 1.05, and Serious Sam: the Second Encounter 1.05 allow remote attackers to cause a denial of service crash or freeze via a TCP packet with an invalid first parameter...