6 matches found
大汉通版cms上传设计缺陷
简要描述: RT 详细说明: WooYun: 大汉jiep信息交换平台某处越权及sql注入 根据wefgod牛的测试站点进行测试得到的。 http://www.dx.gansu.gov.cn/cms/common/filechoose/filedialog.jsp?webappcode=A61&filetype=1&webapppath=freeform&uploadpath=../../../ 具体%00截图没有绕过上传jsp等脚本文件。 但是如果cms在iis下面可以触发iis解析漏洞,所以还是存在威胁的。 漏洞证明: Content-Disposition: form-data;...
FoosunCms(wind noise cms) asp version sql vulnerability attached to the exp-bug warning-the black bar safety net
FoosunCms the asp version getshell In the file\User\award\awardAction. asp: Integral=NoSqlHackrequest. QueryString"Integral" if action="join" then UserConn. execute"Insert into FSMEUserPrize prizeid,usernumber,awardID values" CintStrprizeID&",'"&session"FSUserNumber"&"'," CintStrawardID&"" 'Get t...
FCK each version of a breakout-vulnerability warning-the black bar safety net
Don't know who the copyright- FCKeditor v2.43 版本 FCKeditor/editor/filemanager/browser/default/connectors/php/config.php FCKeditor V2. 6. 6 version fckeditor/editor/filemanager/connectors/asp/config.php View Editor Version FCKeditor/whatsnew.html...
SOOP Portal 2.0 IIS parsing upload vulnerability-vulnerability warning-the black bar safety net
Publishing author: Net. Edit0r Affected versions: SOOP Portal 2.0 Official address: upload/2 0 1 0/1 2/2 0 1 0 1 2 0 7 1 9 4 0 2 9 3 6 8 6. jpg can be uploaded and executed. Google Dork : "SOOP Portal 2.0" 1. Register On Site //the first step to register as a website member; 2...
Ya Qi technology program add any administrator 0day-vulnerability warning-the black bar safety net
Site background the lack of verification can be remotely add an administrator user and log in the background Keywords: inurl:ShowInfo. asp? ShowId= Find the website then in the website address added on: admin/UserManage. asp? action=UserAdd Go in to add an administrator, and then use the Add...
Nine days of self-help built Station system Xday-vulnerability warning-the black bar safety net
Keywords: inurl:/regTemletSel. asp? step=2 Or E-Commerce self-help built Station-your ideal assistant Use method: 1 registered 2 web site management---resource management---upload hackqing. asp;qing.jpg 3get a webshell Special case: 1. the forced name change 2. the iis parsing vulnerability is...