PT-2024-37979
Name of the Vulnerable Software and Affected Versions: ThinkSAAS version 3.7.0. Description: A problematic issue has been found in the processing of the file app/system/action/do.php. The manipulation of the arguments site_title, site_subtitle, site_key, site_desc, site_url, site_email, site_icp lea...
PT-2024-22429 · Dedecms · Dedecms
Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7. Description: A Cross-Site Request Forgery (CSRF) issue was found in the "/dede/archives_do.php" component. This allows an attacker to perform unintended actions on a user's behalf. Recommendations: For DedeCMS version 5.7,...
XSS vulnerability in X5music V2.0 frontend user folder do.php
X5music Music Management System is a music and video management system built with PHP+MySQL. X5music V2.0 has an XSS vulnerability in the front-end user folder do.php, which attackers can exploit to obtain cookie information...
ThinkSAAS SQL Injection
Brief description: ThinkSAAS SQL injection. Details: Version ThinkSAAS 2.32, currently the latest release. app\group\action\do.php, line 281: // reply to a comment case "recomment": if ($_POST['token'] != $_SESSION['token']) { echo 1; exit; } $referid = intval($_POST['referid']); $topicid = intval($_POST['topicid']); $content = tsClean($_POST['content']); $addtime = time(); $db->query("insert into...
ThinkSAAS front-end SQL injection (affects all versions???)
Brief description: I have been auditing thinksaas for the past few days and have looked through several versions; there is one spot that feels injectable, but I could not get it to work. Thanks to @狗狗侠 and @牛肉包子 for their pointers. Details: Looking at the latest version, updated 16 days ago. app/group/action/do.php, see the reply-comment code: case "recomment": if ($_POST['token'] != $_SESSION['token']) { echo 1; exit; } $referid = intval($_POST['referid']); $topicid = intval($_POST['topicid']); $content = tsClean($_POST['content']);...
11in1 CMS 1.0.1 (do.php) - CRLF Injection Vulnerability
No description provided by source. 11in1 CMS v1.0.1 do.php CRLF Injection Vulnerability. Vendor: 11in1. Product web page: http://www.11in1.org. Affected version: 1.0.1. Summary: Eleven in One is an open-source content management system (CMS) that is powered by PHP and MySQL. It does not only help you...
Thinksaas: a failed getshell & one injection.
Brief description: /Why do the newest submissions keep getting routed to small vendors? Too tired to care./ I originally thought a direct front-end getshell was possible. Code can be written straight into a file. But in the end it was defeated by the escape characters. So let's go with injection instead. Details: 0x01 The failed getshell. \app\mail\action\admin\do.php, accessing this requires no login. $arrData = array('appname' => trim($_POST['appname']), 'appdesc' => trim($_POST['appdesc']), 'isenable' => trim($_POST['isenable']), 'mailhost' => trim($_POST['mailhost']),...
11in1 CMS 1.0.1 - 'do.php' CRLF Injection
11in1 CMS v1.0.1 do.php CRLF Injection Vulnerability. Vendor: 11in1. Product web page: http://www.11in1.org. Affected version: 1.0.1. Summary: Eleven in One is an open-source content management system (CMS) that is powered by PHP and MySQL. It does not only help you manage your personal blog but also...
11in1 CMS v1.0.1 (do.php) CRLF Injection Vulnerability
Exploit for PHP platform in category web applications. 11in1 CMS v1.0.1 do.php CRLF Injection Vulnerability. Vendor: 11in1. Product web page: http://www.11in1.org. Affected version: 1.0.1. Summary: Eleven in One is an open-source content management system (CMS) that is powered by PHP and MySQL. It does...