7 matches found
CmsEasy 5.6 /celive/live/header.php SQL注入漏洞
整个漏洞详情在书安杂志中进行了详细的说明。链接:https://www.secbook.net在parseObjXml 凼数中$rootTag 就是传入的 xml 中的第一个标签,返里判断是 xjxobj 还是 xjxquery当$rootTag 为 xjxquery 时将传入的参数内容通过 parsestr 处理 parsestr$sQuery, $aArray;然后当 getmagicquotesgpc == 1 == on的时候候,将传入的参数值反转义$newArray$sKey = stripslashes$sValue;进入postdata函数。function...
Supernews <= 2.6.1 (noticias.php cat) SQL Injection
No description provided by source. Supernews = 2.6.1 noticias.php cat Remote SQL Injection Google Dork: intext:2003 - 2004 : SuperNews : Todos os direitos reservados Bug discovered by Pr0T3cT10n, [email protected] Date: 31/05/2012 Version: 2.6.1 Software Link:...
Supernews 2.6.1 - 'noticias.php?cat' SQL Injection
Supernews Date: 31/05/2012 Version: 2.6.1 Software Link: http://phpbrasil.com/script/vT0FaOCySSH/supernews ISRAEL Author will be not responsible for any damage. Vulnerable Code - noticias.php 30-31: 30. $idcategoria = formatDados$GET'cat'; 31. $query = mysqlquery"SELECT id, categoria FROM...
Ecmall全版本本地文件包含漏洞
简要描述: Ecmall的默认处理中犯了一个严重的错误,绕开了系统中的保护逻辑从而导致可以包含任意文件以php代码执行 详细说明: eccore/ecmall.php内 if !getmagicquotesgpc $GET = addslashesdeep$GET; $POST = addslashesdeep$POST; $COOKIE= addslashesdeep$COOKIE; / 请求转发 / $defaultapp = $config'defaultapp' ? $config'defaultapp' : 'default'; $defaultact =...
Empire CMS message Board vulnerability-vulnerability warning-the black bar safety net
Dark gray dropped out of the 0day. Find used Empire CMS station,the site behind a directly applied:e/tool/gbook/? bid=1 For example: www.xxx.com/e/tool/gbook/?bid=1 Out is Empire CMS the guestbook,in the name of writing:缞\ Contact email at: ,1,1,1,select concatusername,0x5f,password,0x5f,rnd from...
unclassified NewsBoard 1.6.4 - Multiple Vulnerabilities
Author girex Homepage girex.altervista.org Date 31/05/2009 CMS Unclassified NewsBoard 1.6.4 and maybe lower Dork "This board is powered by the Unclassified NewsBoard software, 1.6.4" Multiple remote vulnerabilities 1 Remote SQL Injection php.ini regardless 2 Logs File Disclosure registerglobals =...
ECSHOP商城系统过滤不严导致SQL注入漏洞
漏洞分析 首先来看includes/init.php文件,在getmagicquotesgpc为off时则调用addslashesdeep // includes/init.php if !getmagicquotesgpc if !emptyempty$GET $GET = addslashesdeep$GET; if !emptyempty$POST $POST = addslashesdeep$POST; $COOKIE = addslashesdeep$COOKIE; $REQUEST = addslashesdeep$REQUEST;...