71 matches found
亿邮邮件系统SQL导致批量GetShell(无需登录)
简要描述: 亿邮邮件系统SQL导致批量GetShell(至少几百个单位) 详细说明: 漏洞文件:\php\bill\printaddfeelog.php 执行任意SQL命令,且不受GPC影响。 默认MYSQL都是有权限导出文件权限的,可以导出一句话后门。 query$sql; ? 利用代码: POST /php/bill/printaddfeelog.php HTTP/1.1 Content-Length: 140 Host: mail.sihs.edu.cn User-Agent: Mozilla/5.0 Windows; U; Windows NT 6.2; zh-CN;...
Hot or Not Picture Rating Script SQL Injection Vulnerability
No description provided by source. 1 1 0 I'm L0rd CrusAd3r member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title:Pictue rating SQL Vulnerable Version:1 Price:20$ Published:...
ESRI ArcGIS 10.0.x / ArcMap 9 - Arbitrary Code Execution
No description provided by source. ===== TITLE ===== ESRI ArcMap Arbitrary Code Execution Via Crafted Map File ============ Description: ============ Opening a specially crafted mxd file will execute arbitrary code without prompting and without a crash of the application. This is due to a flaw in...
Anymacro 邮件系统最新版SQL注入漏洞
简要描述: 厂商一直回复说,不是最新版的,现在我就捅几枚最新版的菊花出来,谢谢。。。 详细说明: 0x001 anymacro是国内较流行的一家企业级邮箱系统,客户主要为教育/政府机构。 今天所发现的SQL注入影响所有Anymacro所有邮件系统。 0x002 漏洞分析 本次属于黑盒测试。。。 漏洞点在网盘处,在下载里面的附件的时候,由于参数未进行判断,导致产生SQL注入漏洞 https://mail.xxx.com/down.php?netdisk=1...
Anymacro 邮件系统任意文件下载漏洞(需登陆)
简要描述: 详细说明: 在mailattrFw.php中 其中$Fcid可控,从客户端获取,可以通过../跳转字符,跳转到相应目录进行读取。。 如默认状态下$SESSION'maildir'为:/mail/xxx.com/xxx/Maildir/ $Fcid可设置为:../../../../../etc/passwd 即可读取passwd内容 漏洞证明:...
Anymacro 邮件系统最新版SQL注入漏洞造成邮件泄露(通杀所有邮件服务器)
简要描述: 疯狗叔叔、Finger xsser ,我还有几枚怎么不帮我审核了? 详细说明: 疯狗叔叔、Finger xsser ,我还有几枚怎么不帮我审核了? 0x001 背景 anymacro已经被列入奖励名单了。 0x001 背景 anymacro是国内较流行的一家企业级邮箱系统,客户主要为教育/政府机构。 今天所发现的SQL注入影响所有Anymacro所有邮件系统。 例如近期项目,都是超大企业或者是单位: 安宁中标中国航天科技集团邮件系统建设项目 安宁承接中国海关总署邮件系统项目 安宁中标中国社科院邮件系统项目 安宁中标中国外交部邮件系统建设项目 安宁中标中国光大银行邮件系统项目...
Anymacro 邮件系统N处SQL注入漏洞
简要描述: 详细说明: 与: WooYun: Anymacro 邮件系统SQL注入漏洞和任意文件(邮件)删除(无需登录) 重复 乌云已经把它列入到通用型奖励厂商当中了。 0x01 背景 AnyMacro(安宁)成立于1999年,是国内领先的统一消息/移动门户/PushMail产品与应用解决方案提供商。主要客户涵盖国家部委、大型企业以及部分海外客户,客户分布于政府、军工、金融、电信、能源、教育等行业。 AnyMacro在技术创新和关键应用中一直处于行业领先地位,在全球首家提出并实现LAMP架构邮件/消息系统已成为事实的行业标准。AnyMacro...
iGENUS5. 0 E-mail system of some vulnerability package injection and landing, etc-vulnerability warning-the black bar safety net
When nothing download a iGENUS5. 0 look at the watch, time is tight, only to see a probably. A large number of government, schools, scientific research institutions, large companies in the use of this system. Be the first to say I use the version and environment: ! 1 ! 2 ! 3 The entire program, n...
Zimbra e-mail system file include vulnerability-vulnerability warning-the black bar safety net
! Zimbra mail system file include vulnerability Zimbra 0day exploit / Privilegie escalation via LFI - low-key development - Minghacker Foreign a vulnerabilities sharing platform http://www.exploit-db.com/exploits/30085/)broke Zimbra mail system there is a file that contains a vulnerability, the...
Blueprints of Australia's top spy agency headquarters stolen by Chinese hackers
Secret and highly sensitive and $630 million building blueprints outlining the layout of Australia's top spy agency's new headquarters have been stolen by Chinese hackers. According to a report by the ABC's Four Corners, the blueprints included floor plans, communications cabling, server location...
Campaign Enterprise 11 SQL Injection / Unauthorized Access
Campaign Enterprise 11 suffers from multiple remote SQL injection, unauthorized access, clear text password storage, and direct access bypass vulnerabilities. CVE-2012-3820, CVE-2012-3821, CVE-2012-3822, CVE-2012-3823, CVE-2012-3824 Overview =============== Campaign Enterprise 11, by ArialSoftwar...
extmail找回密码带来的可提供交互性社工的问题
简要描述: 大部分的extmail产品用户在使用该产品时并不会注意到该问题,以至于许多这种页面都可以直接通过外网进行访问,由于该产品是属于邮件系统,使用者本身会在网络上留下邮件地址,通过web界面访问得知该系统之后就会给其带来可被交互性社工的危险。呵呵,最近挺忙,事情挺多的 详细说明:...
Novell GroupWise Client IMG Tag SRC Parameter Buffer Overflow (CVE-2007-6435)
Novell GroupWise is a client-server collaborative software and email system provided by Novell. The Novell GroupWise Client application is capable of communicating with Novell Group server, as well as Internet email gateways using SMTP, POP, and IMAP protocols. A buffer overflow vulnerability has...
India's Railway Email System hacked by Pakistan Cyber Army !
India's Railway Email System hacked by Pakistan Cyber Army ! The Indian Railway Email System is Hacked by Pakistan Cyber Army pca, They have taken complete backup of all important mails and user-pass of all email id's . Have a look to the images below as HACK PROOF and thier statement on this Hac...
Epsilon Data Breach Expands to Include Capital One, Disney, Others
The compromise of a system at online marketing company Epsilon Data Management that came to light last week and involves the email addresses and names of customers at companies such as Citibank, Kroger and Disney expanded over the weekend to include a slew of other companies. The attack does not...
Pictue Rating SQL Injection
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail :...
Hot or Not Picture Rating Script - SQL Injection
Hot or Not Picture Rating Script - SQL Injection 1 1 0 I'm L0rd CrusAd3r member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title:Pictue rating SQL Vulnerable Version:1 Price:20$...
Pictue rating SQL Injection Vulnerability
Exploit for php platform in category web applications ========================================= Pictue rating SQL Injection Vulnerability ========================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ ...
Hot or Not Picture Rating Script - SQL Injection
1 1 0 I'm L0rd CrusAd3r member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title:Pictue rating SQL Vulnerable Version:1 Price:20$ Published: 2010-06-22 Greetz to:r0073r inj3ct0r.com,...
QUIK e-mail(QuarkMail latest remote vulnerability-vulnerability warning-the black bar safety net
From: http://www.aaibase.cn/Article/hk/201002/608.html Found by: me Vulnerability Description: The QUIK e-mail(QuarkMail Beijing Xiong Zhi weiye science and Technology Company launched the e-mail system, is widely used in various fields of the email solution该 产品 的 主要 客户 名单...