18 matches found
大汉通版cms上传设计缺陷
简要描述: RT 详细说明: WooYun: 大汉jiep信息交换平台某处越权及sql注入 根据wefgod牛的测试站点进行测试得到的。 http://www.dx.gansu.gov.cn/cms/common/filechoose/filedialog.jsp?webappcode=A61&filetype=1&webapppath=freeform&uploadpath=../../../ 具体%00截图没有绕过上传jsp等脚本文件。 但是如果cms在iis下面可以触发iis解析漏洞,所以还是存在威胁的。 漏洞证明: Content-Disposition: form-data;...
FoosunCms(wind noise cms) asp version sql vulnerability attached to the exp-bug warning-the black bar safety net
FoosunCms the asp version getshell In the file\User\award\awardAction. asp: Integral=NoSqlHackrequest. QueryString"Integral" if action="join" then UserConn. execute"Insert into FSMEUserPrize prizeid,usernumber,awardID values" CintStrprizeID&",'"&session"FSUserNumber"&"'," CintStrawardID&"" 'Get t...
xheditor editor upload. php malformed file upload vulnerability-vulnerability warning-the black bar safety net
The code uses a whitelist mechanism to verify, press the truth to say that the white list are generally relatively safe. But the problem arises in the verification process where verification extension use The is a regular pregmatch method As long as we construct the suffix name contains a white...
xheditor default upload. php malformed file upload vulnerability-vulnerability warning-the black bar safety net
The file upload code uses a white list mechanism according to the truth that is relatively safe, but the problem appears in the white list mechanism to verify there. Use regular expression matching here gives us a bypass method in a iis parsing the properties to get a shell. Verification code:...
Network fun shopping system flagship version of eshop backend get webshell-vulnerability warning-the black bar safety net
Disclosure of status: 2012-03-04: positive contact vendors and wait for manufacturers to claim, details not open to the public 2012-03-04: the vendors have actively ignored vulnerabilities, the details disclosed to the public Brief description: eWebEditor editor filter is not strict, direct uploa...
sitestar the latest pass to kill 0day-vulnerability warning-the black bar safety net
The establishment of the station star sitestar V1. 3 program vulnerability out of the editor FCKEDITOR is. Author: udb311 Test: And Fckeditor 2.4.2 vulnerability. No media restrictions. If the server is based on WINDOWS, you can also build a a. asp directory. And then use IIS to parse vulnerabili...
FCK each version of a breakout-vulnerability warning-the black bar safety net
Don't know who the copyright- FCKeditor v2.43 版本 FCKeditor/editor/filemanager/browser/default/connectors/php/config.php FCKeditor V2. 6. 6 version fckeditor/editor/filemanager/connectors/asp/config.php View Editor Version FCKeditor/whatsnew.html...
Good subtle Bo then burst IIS parsing upload vulnerability and fix-vulnerability warning-the black bar safety net
By: the joken's, wdlei Recently, webmasters Download Station on a good subtle Bo program and update. Update Time 2 0 1 0 year 7 month 1 3 day, update the skin and modify the upload vulnerabilities, but still exist vulnerability issues. Vulnerability file: UpFileForm. asp Code: html head meta...
SiteServer CMS system 0day-vulnerability warning-the black bar safety net
Detail: with the previous move is easy as registered member you can use xx. asp style registration. While we upload the attachments images also are in accordance with our member name to store. Then the tragedy of 0day is produced. The use of an IIS parsing properties! Use way: The first to enter...
SOOP Portal 2.0 IIS parsing upload vulnerability-vulnerability warning-the black bar safety net
Publishing author: Net. Edit0r Affected versions: SOOP Portal 2.0 Official address: upload/2 0 1 0/1 2/2 0 1 0 1 2 0 7 1 9 4 0 2 9 3 6 8 6. jpg can be uploaded and executed. Google Dork : "SOOP Portal 2.0" 1. Register On Site //the first step to register as a website member; 2...
Good subtle Bo then burst IIS parsing upload vulnerability-vulnerability warning-the black bar safety net
By. joken's wdlei Recently, webmasters Download Station on a good subtle Bo program and update. Update Time 2 0 1 0 year 7 month 1 3 day, update the skin and modify the upload vulnerabilities, but still exist vulnerabilities. Vulnerability file: UpFileForm. asp Code: html head meta...
Heart of the sea school mental management system Xday-vulnerability warning-the black bar safety net
Heart of the sea school mental management system Vulnerability type: upload vulnerability, the IIS parsing vulnerability Keywords: 1. inurl:zytest/main. asp? id= 2. Psychological inurl:article/print. asp? id= Vulnerability description: due to the IIS6. 0 there is parsing vulnerability, so the...
Ya Qi technology program add any administrator 0day-vulnerability warning-the black bar safety net
Site background the lack of verification can be remotely add an administrator user and log in the background Keywords: inurl:ShowInfo. asp? ShowId= Find the website then in the website address added on: admin/UserManage. asp? action=UserAdd Go in to add an administrator, and then use the Add...
Empire backup background mention right-vulnerability warning-the black bar safety net
From: www.4safer.com The SQL backup. When I saw this page with ideas. See Figure number 1, is stored in the directory. Then see the number 2, Write the directory does not exist the system will automatically build. Description of that directory can write their own。 Then look at number 3. Write a...
zblog latest XSS-vulnerability warning-the black bar safety net
The code is as follows:div class="post-body formattext"scriptalert/test//script please visit later/div Incidentally also found the background to pass the attachment directly transfer the iis parsing vulnerabilities of the picture, you can directly get the shell. ···...
Nine days of self-help built Station system Xday-vulnerability warning-the black bar safety net
Keywords: inurl:/regTemletSel. asp? step=2 Or E-Commerce self-help built Station-your ideal assistant Use method: 1 registered 2 web site management---resource management---upload hackqing. asp;qing.jpg 3get a webshell Special case: 1. the forced name change 2. the iis parsing vulnerability is...
MSN Editor 0DAY-vulnerability warning-the black bar safety net
Simple to say under the use of the method. Click on the image upload will appear after the upload page, the address is http://www.xxx.cn/admin/uploadPic.asp?language=&editImageNum=0&editRemNum= With ordinary picture after uploading, the address is...
Taoyuan disk Getshell 洞子-vulnerability warning-the black bar safety net
Source:Prius special Affected version:latest Author:black God Jing the flow of God's love I and the silver God,the static flow of three in the penetration time,met this program examined the following,find this app you can directly Getshell precisely, or the use of the IIS that 洞子 Simple to say us...