Lucene search
K

6 matches found

seebug.org
seebug.org
added 2014/11/12 12:0 a.m.201 views

Discuz 6.0 /my.php SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.23 views

Discuz! 6.0 '2fly_gift.php' SQL Injection Vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2011/04/25 12:0 a.m.14 views

Discuz! 6.0 存储型XSS

简要描述: Discuz! 6.0 存储型XSS 详细说明: Discuz! 6.0 【店铺介绍】存在XSS漏洞 不知道如何访问店铺(没找到这功能!?),所以不知道这个XSS是只跨自己还是跨任何访问店铺的人。 因为这个地方的xss(alert(/Liscker/;)跟去年发的那个【个性签名】 的xss一样,所以个人极度认为这个也是只能跨自己的,只能结合其它漏洞一起来用了。 漏洞证明:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2010/03/06 12:0 a.m.35 views

Discuz 6.0 viewthread.php 跨站漏洞

demo: http://bbs.51testing.com/viewthread.php?tid=%22%3E%3E%3Cscript%3Ealert%28insafe--SecEyE%29%3C/script%3E%3Cmarquee%3E%3Ch1%3EINSAFE%20By%20SECEYE%3C/h1%3E%3C/marquee%3E 不解释,COPY的朋友请留个北洋贱队的url就可以了 Discuz 6.0 升级到最新版本...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2009/08/15 12:0 a.m.19 views

Discuz 6.0 SQL Injection

Securitylab.ir Application Info: Name: Discuz Version: 6.0 Website: http://www.discuz.net Discoverd By: Securitylab.ir Website: http://securitylab.ir Contacts: adminatsecuritylab.ir & info@securitylabdotir Vulnerability Info: Type: Sql Injection Vulnerability Risk: Medium Dork: © 2008 - 2009...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/01/01 12:0 a.m.23 views

Discuz! "$_SERVER['PHP_SELF']" XSS Vulnerability

在common.inc.php文件的69行: $PHPSELF = $SERVER'PHPSELF' ? $SERVER'PHPSELF' : $SERVER'SCRIPTNAME'; $SCRIPTFILENAME = strreplace'\\', '/', isset$SERVER'PATHTRANSLATED' ? $SERVER'PATHTRANSLATED' : $SERVER'SCRIPTFILENAME'; $boardurl = 'http://'.$SERVER'HTTPHOST'.pregreplace"//+api|archiver|wap?/$/i",...

7.1AI score
Exploits0
Rows per page
Query Builder