gitea -- privilege escalation, XSS

The Gitea project reports: Security Sanitize uploaded file names HTMLEncode user added text...

PHPOK留言板管理XSS（可打管理员）

简要描述： PHPOK留言板管理XSS（打管理员） 详细说明： PHPOK留言板管理XSS（打管理员） 漏洞证明： 测试环境： 当在 在线留言 处留言： 留言成功后需要管理员审核才可以通过，所以不能立刻显示，当管理员登陆后台，删除该留言的时候，触发XSS： 看下源码： 1283. scriptalertdocument.cookie;/script 2014-04-11 evil [email protected] test input type="text" id="sort1283...

Microsoft IIS ASP Engine HTMLEncode Buffer Overflow - Ver2 (CVE-2008-0075)

A buffer overflow vulnerability has been reported in the Microsoft IIS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

BBSGood Forum program moprepost. asp variable HTTP_X_FORWARDED_FOR injection vulnerability-vulnerability warning-the black bar safety net

BBSGOOD is domestic first using the cache technology Forum, BBSGOOD posts and list home can generate a static HTML file. In the file moprepost. asp: if Request. ServerVariables"HTTPXFORWARDEDFOR"="" then ipdress=Request. ServerVariables"REMOTEADDR" else ipdress=Request...

BBSxp HTMLEncode过滤函数过滤不严导致绕过漏洞

BBSXP为一款简单的ASP+SQL与ACCESS开发的多风格论坛 目前最新版本为BBSXP2008。 官方最新过滤函数HTMLEncode,这次过滤了字符 ,再一次绕过过滤注射 Function HTMLEncodefString fString=ReplacefString,CHR9,"" fString=ReplacefString,CHR13,"" fString=ReplacefString,CHR22,"" fString=ReplacefString,CHR38,"&" '“&” fString=ReplacefString,CHR32," " '“ ”...

BBSXP the latest vulnerability and the discovery process-vulnerability warning-the black bar safety net

Operating environment: Micromedia Dreamweaver 8.0+IIS 5.0+SQL Server 2 0 0 0+BBSXP 6.00 SP1 SQL Travel back to the days of work relatively easily, just as everyone presented a few days ago found BBSXP new vulnerability, the way to find the ASP program vulnerability method. See here you should thi...

BBSXP论坛程序New.asp页面过滤不严导致SQL注入漏洞

New.asp 代码分析： Sort=HTMLEncodeRequest"Sort" //第24行 if Sort = empty then SqlSort="ThreadID" else SqlSort=Sort end if 。。。。。。 sql="Select top "&SqlTopicCount&" from "&TablePrefix&"Threads where Visible=1 "&SqlForumID&" "&SqlTimeLimit&" order by "&SqlSort&" desc" //第66行 过滤函数HTMLEncode...

BBSXP论坛程序Members.asp页面过滤不严导致SQL注入漏洞

漏洞文件： Members.asp 代码分析：. CurrentAccountStatus=HTMLEncodeRequest"CurrentAccountStatus" //第11行 。。。。。。 if CurrentAccountStatus "" then item=item&" and UserAccountStatus="&CurrentAccountStatus&"" //第22行 。。。。。。 TotalCount=Execute"Select countUserID From "&TablePrefix&"Users"&item0 //第54行...

bbsxp sql latest version 0day-vulnerability warning-the black bar safety net

bbsxp some time ago a log injection vulnerability, this vulnerability is still present in this place. ! References the reference content sub LogMessage if Request. ServerVariables"QueryString""" then QueryString="?"& amp;Request. ServerVariables"QueryString"&"" Conn. Execute"insert into BBSXPLog...