Xiuno BBS Cross-Site Scripting Vulnerability

Xiuno BBS is an open source forum program based on PHP and MySQL. Xiuno BBS suffers from a cross-site scripting vulnerability that originates from the failure of the product/admin/?setting-base.htm page to properly handle data in the sitebrief field. An attacker can exploit this vulnerability to...

PHPWind Has Arbitrary Directory Deletion Vulnerability

PHPWind is a set of PHP-based Web forum program . PHPWind has an arbitrary directory deletion vulnerability that can be exploited by an attacker to delete arbitrary directories...

C-BOARD Moyuku Remote Code Execution Vulnerability

C-BOARD Moyuku is a forum program. C-BOARD Moyuku is designed to properly filter user input, allowing attackers to exploit vulnerabilities to create arbitrary files and execute them...

Geeklog <= 1.6.0sr2 - Remote File Upload

No description provided by source. ============================================================================== Geeklog = v1.6.0sr2 - Remote File Upload Discovered: JaL0h Software Site: http://www.geeklog.net Dork: By Geeklog Created this page in +seconds +powered...

Asprain forum for registered users to upload pictures you can get a webshell-vulnerability warning-the black bar safety net

Asprain is a suitable for all primary and secondary schools, secondary school, technical school, vocational high-building campus Forum, students Forum, some teaching and research departments, companies build internal Forum, IT technology enthusiasts building technology exchange Forum Free Forum...

Graugon 1.3 SQL injection vulnerability-vulnerability warning-the black bar safety net

Graugon is a forum program. The 1. 3 version the presence of injection vulnerabilities. The domestic use of the people looks like very little. Foreign popular. Like to engage abroad can play. Test the POC are as follows: html body onload="document. forms0. submit" form method="POST" action="" inp...

BBSMAX 4.x 论坛程序登陆任意用户，取得用户密码信息漏洞

在文件 register.aspx.cs 中 protected void PageLoadobject sender, EventArgs e string str = string.Empty; str = base.Request.Get"active", Method.Get; if !string.IsNullOrEmptystr if BOBaseUserBO.Instance.ActivingUserstr //激活用户 base.ShowSuccess"恭喜！您的账号" + base.My.Username + "已成功激活。",...

MyBB adodb_mktime()日期参数远程拒绝服务漏洞

CVE ID：CVE-2009-4448 MyBB是一款流行的基于PHP的论坛程序。 MyBB inc/functionstime.php文件中包含的adodbmktime函数在处理部分日期值时存在漏洞，攻击者提交包含超大的year参数值的报文就会触发大量循环，导致CPU负载过高造成拒绝服务攻击。 MyBB 1.4.10 用户可参考如下安全公告获得补丁信息： http://dev.mybboard.net/projects/mybb/repository/revisions/4613/diff/branches/1.4-stable/inc/functionstime.php...

Experts dissect hacker how to pass the Google attacks-vulnerability warning-the black bar safety net

Google is a powerful search engine, through a predefined command or some special character search, you can query to the incredible results. Use Google to search the Smart Search, you can even enter the part of the remote server to obtain the secret, and search sensitive information, cause...

The use of site MIS-configuration to gain full control-vulnerability warning-the black bar safety net

In fact,now the online safety site and learn Black the site too much, 斡 Guoblowing na? bralso more and more,these contributed to the many sites and individuals, enhance safety awareness,is a good thing. So such as ipc$weak passwords,printer,IDQ remote overflow,UNICODE,3389 input and other...

MolyX vulnerability analysis-vulnerability warning-the black bar safety net

Text/SuperHei·Safety AngelS4T 2005.09.21 Nonsense: MolyX Board（hereinafter referred to MXB is MolyX Studios group as if that is CNVBB team development of PHP Forum program, MXB fusion of many forums, absorbing, powerful. The multi-year Forum program finished and improved experience also makes the...