3 matches found
discuz越权回复第二式(回复无权限帖子)
简要描述: 另类第二种 详细说明: www.hegouvip.com 他是dz 3.1 非会员是不能在会员专区回复的 看这里哇 分享这里 我们弄 尤其要点上同时回复 就会 成功 现在可以了 漏洞证明: img src="https://images.seebug.org/upload/201506/2910381641d85816d2d574699a34a9a8aefe3d43.png" alt="5.png" width="600" onerror="javas...
Discuz non-founder administrator code execution-vulnerability warning-the black bar safety net
| by:alibaba global.func.php function sendpm$toid, $subject, $message, $fromid = " 0 2 if$fromid === " 0 3 requireonce DISCUZROOT.'./ ucclient/client.php'; 0 4 $fromid = $discuzuid; 0 5 0 6 if$fromid 0 7 ucpmsend$fromid, $toid, $subject, $message; 0 8 else 0 9 global $promptkeys; 1 0...
Discuz! 6.0.1 (searchid) Remote SQL Injection Exploit-vulnerability warning-the black bar safety net
The following proceduresmethodsmay carry offensive,for security research and teaching purposes,at your own risk!& lt;? php errorreportingEALL&ENOTICE; printr" +------------------------------------------------------------------+ Exploit discuz6. 0. 1 Just work as php=5 & mysql=4.1 BY james...