1933 matches found
espcms后台getshell-3,并可利用csrf交互强制管理员getshell
简要描述: 详细说明: 后台修改模板处未过滤,可在模板中插入php代码(此处方便演示,使用了phpinfo 本来,一个后台getshell的危害应该属于较低的,因为需要管理员权限。但是,espcms后台操作无token,通过csrf的交互,就可以强迫管理员干很多事。修改模板为shell的包如下: 无token,所以可以通过一个自动提交表单给管理员点击,然后就会自动getshell了。(此处主要是后台getshell,csrf就不再说了,详细的POC可以查看我以前提交的一些漏洞) 漏洞证明:...
Sony PSN Community Lithium Forums 2012 Q4 Script Insertion
Title: ====== Sony PSN Community - Mail Encoding Web Vulnerability Date: ===== 2013-05-05 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=748 VL-ID: ===== 747 Common Vulnerability Scoring System: ==================================== 3.1 Introduction: =============...
Sony PSN Community Lithium Forums 2012 Q4 Script Insertion
Title: ====== Sony PSN Community - Mail Encoding Web Vulnerability Date: ===== 2013-05-06 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=748 VL-ID: ===== 748 Common Vulnerability Scoring System: ==================================== 3.1 Introduction: =============...
Vanilla Forums 2.0.18 / SQL-Injection / Insert arbitrary user & dump usertable
Product Name: Vanilla Forums Vulnerable Version: Up to vanilla-core-2-0-18-4 Tested on: Windows Server 2003 Apache 2.4.3 PHP 5.4.7 MySQL 5.5.27 Vulnerability Overview: SQL-Injection is possible, because$POST arrays are not proper sanitized. You do not need to be authenticated. Vulnerability...
Vanilla Forums 2-0-18-4 - SQL Injection
Exploit Title: Vanilla Forums - SQL-Injection - Insert arbitrary user & dump usertable Date: 04/05/2013 Exploit Author: bl4ckw0rm Vendor Homepage: http://vanillaforums.org/ Version: 2-0-18-4 Tested on: Windows Product Name: Vanilla Forums Vulnerable Version: Up to vanilla-core-2-0-18-4 Tested on:...
Vanilla Forums 2-0-18-4 - SQL Injection
Vanilla Forums 2-0-18-4 - SQL Injection Exploit Title: Vanilla Forums - SQL-Injection - Insert arbitrary user & dump usertable Date: 04/05/2013 Exploit Author: bl4ckw0rm Vendor Homepage: http://vanillaforums.org/ Version: 2-0-18-4 Tested on: Windows Product Name: Vanilla Forums Vulnerable Version...
Microsoft Office PowerPoint 2007 Memory Corruption
when you insert a sound to Microsoft office powerpoint 2007 ;the software will get crashed it tested on office 2007 ,all the versions may be affected too 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ ...
MTP Image Gallery 1.0 XSS Vulnerability
Exploit for php platform in category web applications MTP Image Gallery 1.0 title Remote Script Insertion Vulnerability alert1;' / input type=...
MTP Guestbook 1.0 - Multiple Cross-Site Scripting Vulnerabilities
MTP Guestbook 1.0 - Multiple Cross-Site Scripting Vulnerabilities MTP Guestbook 1.0 Multiple Remote Script Insertion Vulnerabilities alert1;' / input type="hidden" name="ins...
MTP Image Gallery 1.0 - edit_photos.php?title Cross-Site Scripting
MTP Image Gallery 1.0 - editphotos.php?title Cross-Site Scripting MTP Image Gallery 1.0 title Remote Script Insertion Vulnerability alert1;' / input typ...
MTP Guestbook 1.0 - Multiple XSS Vulnerabilities
Exploit for php platform in category web applications MTP Guestbook 1.0 Multiple Remote Script Insertion Vulnerabilities alert1;' / form method="POST" action="http://localhost/mtpguestbook/inse...
MTP Poll 1.0 - Multiple Cross-Site Scripting Vulnerabilities
MTP Poll 1.0 - Multiple Cross-Site Scripting Vulnerabilities MTP Poll 1.0 Multiple Remote Script Insertion Vulnerabilities alert1;' / alert2;' / input...
MTP Poll 1.0 - Multiple XSS Vulnerabilities
Exploit for php platform in category web applications MTP Poll 1.0 Multiple Remote Script Insertion Vulnerabilities alert1;' / alert2;' / inpu...
MTP Poll 1.0 - Multiple Cross-Site Scripting Vulnerabilities
MTP Poll 1.0 Multiple Remote Script Insertion Vulnerabilities alert1;' / alert2;' / input type="hidden" na...
MTP Guestbook 1.0 - Multiple Cross-Site Scripting Vulnerabilities
MTP Guestbook 1.0 Multiple Remote Script Insertion Vulnerabilities alert1;' / scri...
MTP Image Gallery 1.0 - 'edit_photos.php?title' Cross-Site Scripting
MTP Image Gallery 1.0 title Remote Script Insertion Vulnerability alert1;' / input type="hidden" name="rat...
MTP Poll 1.0 Cross Site Scripting
MTP Poll 1.0 Multiple Remote Script Insertion Vulnerabilities alert1;' / alert2;' / inpu...
MTP Image Gallery 1.0 Cross Site Scripting
MTP Image Gallery 1.0 title Remote Script Insertion Vulnerability alert1;' / input typ...
MTP Guestbook 1.0 Cross Site Scripting
MTP Guestbook 1.0 Multiple Remote Script Insertion Vulnerabilities alert1;' / input type="hidden" name="insc...
MTP Poll 1.0 Multiple Remote Script Insertion Vulnerabilities
Summary More than poll is a polling system with a powerful administration tool. It features: multiple pools, templates, unlimited options, IP Logging, cookie support, and more. Description MTP Poll script suffers from multiple stored cross-site scripting vulnerabilities. The issues are triggered...