29 matches found
CVE-2026-22201
wpDiscuz before 7.6.47 contains an IP spoofing vulnerability in the getIP function that allows attackers to bypass IP-based rate limiting and ban enforcement by trusting untrusted HTTP headers. Attackers can set HTTP_CLIENT_IP or HTTP_X_FORWARDED_FOR headers to spoof their IP address and circumvent...
CVE-2026-22201 wpDiscuz before 7.6.47 - IP Address Spoofing in getIP()
wpDiscuz before 7.6.47 contains an IP spoofing vulnerability in the getIP function that allows attackers to bypass IP-based rate limiting and ban enforcement by trusting untrusted HTTP headers. Attackers can set HTTP_CLIENT_IP or HTTP_X_FORWARDED_FOR headers to spoof their IP address and circumvent...
Authorization Bypass
nilsteampassnet/teampass is vulnerable to authorization bypass. Sending an X-Forwarded-For client HTTP header to the getIp function allows any user with a valid API token to bypass IP address whitelist restrictions...
CVE-2021-29350
SQL injection in the getip function in conn/function.php in 发货100-设计素材下载系统 1.1 allows remote attackers to inject arbitrary SQL commands via the X-Forwarded-For header to admin/product_add.php...
SQL injection
SQL injection in the getip function in conn/function.php in 发货100-设计素材下载系统 1.1 allows remote attackers to inject arbitrary SQL commands via the X-Forwarded-For header to admin/product_add.php...
CVE-2021-29350
CVE-2021-29350 affects 发货100-设计素材下载系统 1.1. The SQL injection is in the getip function of conn/function.php, exploitable via the X-Forwarded-For header to admin/product_add.php. Several connected sources confirm the vulnerable endpoint and function. PTSecurity notes no available fix and suggests m...
发货100-设计素材下载系统 SQL injection vulnerability
发货100-设计素材下载系统 (Shipping 100 - Design Material Download System) is a software application that provides material downloads. Version 1.1 has a SQL injection vulnerability that stems from the getip function in conn/function.php...
Post-Exploitation Framework for Linux Written in Bash: Orc
Orc is a simple post-exploitation toolkit written in bash. I wrote this because I myself needed a more featureful post-exploitation toolkit for Linux. It's part of a larger bundle of scripts and tools, but I'll add those as I write and re-write them. It takes the form of an ENV script, so load orc into a...
SQL injection vulnerability in the getip function of the MallBuilder front-end convertip.php file
MallBuilder is a multi-user online shopping mall solution based on PHP+MySQL. The getip function in the MallBuilder front-end has a SQL injection vulnerability, which attackers can exploit to obtain sensitive database information...
WordPress WP Limit Login Attempts Plugin SQL Injection Vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Foundation; it lets users set up a personal blog site on a server that supports PHP and MySQL. WP Limit Login Attempts is a login protection plugin that allows bloggers to limit the number of times a user can...
CVE-2015-6829
Multiple SQL injection vulnerabilities in the getip function in wp-limit-login-attempts.php in the WP Limit Login Attempts plugin before 2.0.1 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) X-Forwarded-For or (2) Client-IP HTTP header...
PHPMyWind: one injection point (of limited use)
Brief description: SQL injection. Details: include\common.func.php: function GetIP() { static $ip = NULL; if ($ip !== NULL) return $ip; if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { $arr = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']); $pos = array_search('unknown', $arr); if (false !== $pos) unset($arr[$pos]); $ip = trim($arr[0]); } else...
Maccms ASP version SQL injection
Brief description: the security of the ASP version needs strengthening. Details: /user/index.asp: sub tg() dim userid,Ip,Ly,sql,rsUV,rs ... userid = be("get","uid") : userid = chkSql(userid,true) ... on error resume next ... if isN(application("LyLastDelDate")) then application("LyLastDelDate") = Date ... if isNum(userid) and apppopularizestate=1 then Ip = getIP() ... Ly = getReferer() ... Set rs...
Fanwe group-buying (方维团购) getshell and injection
Brief description: ... Details: saveavatar.php: $_REQUEST['m'] = "UcModify"; $_REQUEST['a'] = "saveavatar"; include ROOTPATH."app/source/index.php"; // let's look inside. app/source/index.php: ... omitted ... $ma = strtolower($_REQUEST['m'].'_'.$_REQUEST['a']); switch ($ma) { case 'ucmodify_saveavatar': require...
程氏舞曲CMS (Chengshi Dance Music CMS) stored XSS that can reach administrators
Brief description: .... Details: it is that same IP-retrieval function again; since the IP can be forged, JavaScript can certainly be injected through it as well. function GetIP() { if (getenv("HTTP_CLIENT_IP") && strcasecmp(getenv("HTTP_CLIENT_IP"), "unknown")) $ip = getenv("HTTP_CLIENT_IP"); else if (getenv("HTTP_X_FORWARDED_FOR") && strcasecmp(getenv("HTTP_X_FORWARDED_FOR"), "unknown")) $ip = getenv("HTTP_X_FORWARDED_FOR"); else if...
91736cms cookie injection vulnerability - vulnerability warning - the black bar safety net
Re-reading 91736cms: the earlier getip vulnerability has since been patched. Vulnerable file: system/modules/member/index.php: public function edit() { if (empty($_COOKIE['memberuser']) || empty($_COOKIE['memberuserid'])) showmsg(C("adminnotexist"), "index.php?m=member&f=login"); $userid = $_COOKIE['memberuserid']; ...
BlueCMS - PHP local portal system 0day large collection - vulnerability warning - the black bar safety net
BlueCMS is a CMS I first saw in a company tutorial, and I thought that since it is there and used for tutorials, I would dig for vulnerabilities in this CMS. I did not dig all the way to the end, and I did not manage to read through all of the code, but I have already found a lot of problems. You can actually get a shell on it. !...