6 matches found

seebug.org
added 2009/12/25 12:00 a.m., 13 views

Discuz! 5.x&6.x&7x user password reset vulnerability

No description provided by source...

7.1 AI score
Exploits 0

myhack58
added 2008/11/17 12:00 a.m., 38 views

DZ! SODB-2008-13 EXP published - vulnerability warning - the black bar safety net

#!/usr/bin/php <?php /* Discuz! 6.x/7.x SODB-2008-13 Exp By www.80vul.com. Modify the annotated variable values yourself. */ $host = 'www.80vul.com'; // Server domain or IP $path = '/discuz/'; // Path where the program is installed $key = 0; // The above variable is edited, make will the value...

7.1 AI score
Exploits 0

myhack58
added 2008/11/15 12:00 a.m., 21 views

Discuz! 6.x/7.x SODB-2008-13 Exp - vulnerability warning - the black bar safety net

#!/usr/bin/php <?php /* Discuz! 6.x/7.x SODB-2008-13 Exp By www.80vul.com. Modify the annotated variable values yourself. */ $host = 'www.80vul.com'; // Server domain or IP $path = '/discuz/'; // Path where the program is installed $key = 0; // The above variable is edited, make will the value...

7.2 AI score
Exploits 0

seebug.org
added 2008/11/05 12:00 a.m., 20 views

Discuz! path information disclosure vulnerability

In the files under directories such as \ucclient\data\cache and \forumdata\cache, for content such as: $CACHE['settings'] = array( 'accessemail' => '', 'censoremail' => '', 'censorusername' => '', 'dateformat' => 'y-n-j', 'doublee' => '1', 'nextnotetime' => '0', 'timeoffset' => '28800', ); ...

7.1 AI score
Exploits 0

seebug.org
added 2008/10/28 12:00 a.m., 21 views

Discuz 6.X [flash] xss bug

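In fact, this vulnerability was already published in 2007 [1], but according to testing by 80vul-A it has never been patched. The main points of the analysis are as follows. First: Discuz! sets allowScriptAccess to sameDomain: <param name="allowScriptAccess" value="sameDomain">, so we only need to upload the swf file to the target to have flash call the swf we constructed. Second: because HTML does not restrict the file extension when it loads flash, an attacker can upload the file through the forum's upload feature with an image extension such as gif; the upload feature only uses getimagesize for its check, and a swf passes that function just the same. Discuz 6.X...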

7.1 AI score
Exploits 0

myhack58
added 2008/02/05 12:00 a.m., 9 views

Discuz! 6: methods for getting a shell from the admin backend - vulnerability warning - the black bar safety net

Note: this article was first posted on wolves (www.wolvez.org) and was then submitted by the original author to Evil Octal; if you reproduce it, please indicate the original author and source. If the admin backend allows templates to be edited online, the following method can get a shell. 1. Background edit...

7.1 AI score
Exploits 0