6 matches found
Discuz! 5.x&6.x&7x 重置用户密码漏洞
No description provided by source...
DZ! sodb-2 0 0 8-1 3 EXP published-vulnerability warning-the black bar safety net
!/ usr/bin/php ? php / Discuz! 6. x/7. x SODB-2 0 0 8-1 3 Exp By www.80vul.com Notes the value of the variable, add your own modifications / $host = ‘www.80vul.com’; // Server domain or IP $path = ‘/discuz/’; // Where the program path $key = 0; // The above variable is edited, make will the value...
Discuz! 6. x/7. x SODB-2 0 0 8-1 3 Exp-vulnerability warning-the black bar safety net
!/ usr/bin/php ? php / Discuz! 6. x/7. x SODB-2 0 0 8-1 3 Exp By www.80vul.com Notes the value of the variable, add your own modifications / $host = 'www.80vul.com'; // Server domain or IP $path = '/discuz/'; // Where the program path $key = 0; // The above variable is edited, make will the value...
Discuz! 路径信息泄露漏洞
目录\ucclient\data\cache,\forumdata\cache等下面的文件里对如:br / br / $CACHE'settings' = array br / 'accessemail' = '',br / 'censoremail' = '',br / 'censorusername' = '',br / 'dateformat' = 'y-n-j',br / 'doublee' = '1',br / 'nextnotetime' = '0',br / 'timeoffset' = '28800',br / ;br / br / br /...
Discuz 6.X [flash] xss bug
其实该漏洞在2007年就公布过了1,但是经过80vul-A测试改漏洞一直没有被修补。该漏洞的分析主要点如下: 第一:Discuz!把allowScriptAccess设置为sameDomain:param name="allowScriptAccess" value="sameDomain"我们只需要把swf文件上传到目标上就可以使用flash调用我们构造的swf了。 第二:由于html调用flash是不限制后缀的,所以攻击者可以用图片文件的后缀如gif通过论坛的上传功能上传,上传功能只是使用了getimagesize来判断,但是swf一样可以通过该函数。 Discuz 6.X...
Discuz! 6 the background to get the Shell methods-vulnerability warning-the black bar safety net
Note: article first wolves(www.wolvez.org that post by the original author, please submit to the evil octal, reproduced please indicate the original author and source. If the background can online edit the template while following the method you can get the SHELL. 1. Background edit...