415 matches found
Shopex Backend Getshell
...
phpMyAdmin 4.8.1 - (Authenticated) Local File Inclusion Vulnerability
Exploit for php platform in category web applications. The latest version downloaded from the official website; the file name is phpMyAdmin-4.8.1-all-languages.zip. The problem appears in /index.php, lines 55-63. Line 61 contains include $_REQUEST['target']; This is obviously an LFI precursor, as long ...
phpMyAdmin 4.8.1 - (Authenticated) Local File Inclusion (1)
The latest version downloaded from the official website; the file name is phpMyAdmin-4.8.1-all-languages.zip. The problem appears in /index.php, lines 55-63. Line 61 contains include $_REQUEST['target']; This is obviously an LFI precursor, as long as we bypass the restrictions on lines 55 to 59. Lin...
Command Execution Vulnerability in Panmicro e-cology
Panmicro Collaborative Management Application Platform e-cology is a collaborative business platform with enterprise information portal, knowledge management, data center, workflow management, human resource management, customer and partner management, project management, financial management, an...
Arbitrary File Deletion Vulnerability in Cscms Version v4.1.8
Cscms is a diversified content management system developed using PHP5+MYSQL as the technical basis. Cscms v4.1.8 has an arbitrary file deletion vulnerability. An attacker can use this vulnerability to delete arbitrary files from the background and violently execute a reinstallation getshell...
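Two getshell issues in the Dedecms V5.7 backend (CVE-2018-9175)
The first is a common approach: write statements into an inc file, which is then pulled in by another include statement, so the malicious code is included and leads to getshell. The vulnerable code is in /dede/sysverifies.php. The code is as follows: else if($action == 'getfiles') { if(!isset($refiles)) { ShowMsg("你没进行任何操作!","sysverifies.php"); exit; } $cacheFiles = DEDEDATA.'/modifytmp.inc'; $fp = fopen($cacheFiles, 'w'); fwrite($fp, ''); fclose($fp); $dirinfos = ''; if$...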
BEESCMS V4.0_R_20160525 global variable overwrite leads to front-end getshell
...
duomicms front-end global variable overwrite leads to getshell
...
phpshe1.6 backend arbitrary file deletion leads to reinstall getshell
...
bluecms arbitrary file deletion vulnerability leading to reinstall getshell & XSS vulnerability
...
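TPshop unrestricted front-end Getshell #2
0x01 Description. The TPshop open-source mall system (short for Thinkphp shop) is a multi-merchant mall system developed by Shenzhen Soubao Network Co., Ltd. (深圳搜豹网络有限公司). It is suited to enterprises and individuals who want to quickly build a personalized online mall. It includes PC + iOS client + Android client + micro-mall. The PC system and backend are cross-platform open-source software built on the ThinkPHP5 MVC architecture, designed to be very flexible, with a modular architecture and rich functionality, and easy to integrate seamlessly with third-party application systems. In design it is quite comprehensive; its modular architecture makes combining applications very flexible, and its functionality is also quite rich. Download: http://www.tp-shop.cn/Index/Index/download.html Approximate directory structure ├─index.p...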
thinkcmf background getshell
No description provided by source...
OURPHP administrator login password and the security code leak, Getshell
No description provided by source...
SemCms background getshell
No description provided by source...
ThinkPHP5.0.10-3.2.3 cache function design flaws can lead to Getshell
0x00 Framework operating environment. ThinkPHP is a free, open-source, fast, simple, object-oriented lightweight PHP development framework, created for agile web application development and to simplify enterprise application development. ThinkPHP from inception has been adhering to the simple...
zzcms front-end unrestricted file upload getshell
No description provided by source...
File Uploading Vulnerability in Nanjing Sage's Intelligent Management System for Experimental Teaching and Learning
Nanjing apex experimental teaching intelligent management system is designed for colleges and universities to establish a set of experimental teaching management mode of the system. There is a file upload vulnerability in Nanjing Centaur Experimental Teaching Intelligent Management System. An...
zzcms latest and prior versions: system reload could lead to Getshell
No description provided by source...
FengCms1.32 system reinstall vulnerability leads to getshell
Open the ./install/index.php file: alert"系统已安装,如需要重新安装,请手工删除upload目录下的INSTALL文件!";'; echo ''; switch'step' case '1': // installation license agreement include ABSPATH."/step/step1.php"; break; case '2': // check whether the installation environment meets the requirements = ''; if(extension_loaded('gd')) if(function_exists('imagepng')) .= 'png'; if(function_exists('imagejpeg')) .= ' jpg';...
finecms a getshell
No description provided by source...