EUVD-2009-3040

Malware in sbrugna...

SQL Injection Vulnerability in KingCMS

KingCMS is an open source content management system CMS. KingCMS suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

File Upload Vulnerability in KingCMS Version v5.1

KingCMS is a set of easy to learn, simple to operate open source content management system CMS, support for PHP + sqLite3/MySQL and ASP + ACCESS/MSSQL, dedicated to the professional development of oriented programs and enterprise website construction system. A file upload vulnerability exists in...

Arbitrary File Renaming Vulnerability in KingCMS v6.1.1641_Sp2 Version

KingCMS is a set of easy to learn, simple to operate open source content management system CMS, support for PHP + sqLite3/MySQL and ASP + ACCESS/MSSQL, dedicated to the professional development of oriented programs and enterprise website construction system. KingCMS v6.1.1641Sp2 version of...

Arbitrary File Editing Vulnerability in KingCMS v6.1.1641_Sp2

KingCMS is a content management system based on WEB technology. KingCMS v6.1.1641Sp2 has an arbitrary file editing vulnerability. The vulnerability stems from not filtering the path of the file to be modified and the content of the file to be written, which can be exploited by an attacker to edit...

SQL Injection Vulnerability in KingCMS Version 9.10.0026

KingCMS is a set of easy to learn, simple to operate open source content management system CMS, support PHP + sqLite3/MySQL and ASP + ACCESS/MSSQL, dedicated to the professional development of oriented programs and enterprise website construction system. A SQL injection vulnerability exists in th...

Cross-site scripting vulnerability in KingCMS 'conn.php' page

KingCMS is a content management system based on WEB technology. A cross-site scripting vulnerability exists in KingCMS. The /api/conn.php page fails to properly filter user input, allowing an attacker to exploit the vulnerability to build a malicious web page and trick users into parsing it to...

Multiple Cross-Site Scripting Vulnerabilities in KingCMS 'global.php' Page

KingCMS is a content management system based on WEB technology. KingCMS suffers from multiple cross-site scripting vulnerabilities. The global.php page fails to properly filter user-supplied input, allowing an attacker to exploit the vulnerabilities to build malicious web pages that can be parsed...

Cross-site scripting vulnerability in KingCMS 'manage_data.php' page

KingCMS is a content management system based on WEB technology. A cross-site scripting vulnerability exists in the KingCMS 'managedata.php' page. The program fails to filter user-supplied input, allowing an attacker to construct a malicious web page and trick users into parsing it to execute...

KingCms v9 /user/manage.php username参数等2处SQL注入

No description provided by source...

KingCms v9 /api/conn.php 目录遍历及任意文件读取漏洞（无需截断）

No description provided by source...

KingCms v9 /api/conn.php 信息泄漏漏洞

No description provided by source...

kingCMS v9.00.0019 conn.php 等6处 SQL注入漏洞

No description provided by source...

KingCms k9版 /apps/forum/board.php 注入漏洞

No description provided by source...

KingCMS V9 manage.php 任意用户密码重置漏洞

No description provided by source...

KingCms最新版绕过补丁（版本：9.00.0018）注入一枚

简要描述： KingCms最新版绕过补丁（版本：9.00.0018）注入一枚 详细说明： 写在前面：漏洞存在于用户发送站内信的地方，因此，测试时需要注册一个前台的普通用户。 朋友的公司购买了kingcms的授权，最近kingcms官方给我朋友发来了升级包，升级说明当中说已经解决了已知的安全问题，今天再帮朋友测试下。 自从朋友购买，已经经过了9.00.0015，9.00.0016，9.00.0017，现在更新到了9.00.0018，kingcms服务还不错。9.00.0018的更新时间是2015.07.23，见官网http://www.kingcms.com/download/k9/...

KingCms最新版（k9）注入1枚

简要描述： KingCms最新版（k9）注入1枚 详细说明： 朋友的公司想购买kingcms的授权，让我帮忙看下。发现kingcms很长一段时间没更新了，憋了一段时间放出了最新版的k92014-12-13更新，官网下下来学习一下。 这个注入有点好玩，不能使用逗号，逼的我只能盲注了，哈哈，下面来研究研究吧。 注入点：GET /user/pm.php?jsoncallback=1&=1&CMD=post&METHOD=POST&AJAX=1&username=test&content=test HTTP/1.1注入参数：where 问题文件在 /user/pm.php function po...

KingCms最新版（k9）注入4枚打包

简要描述： KingCms最新版（k9）注入4枚打包 详细说明： 朋友的公司想购买kingcms的授权，让我帮忙看下。发现kingcms很长一段时间没更新了，憋了一段时间放出了最新版的k92014-12-13更新，官网下下来学习一下。 在wooyun上看到了几个漏洞，如： WooYun: kingcms最新版sql注入漏洞 注入点：POST /apps/content/index.php HTTP/1.1 注入参数：where 问题文件在 /apps/content/index.php...

KingCms最新版目录遍历及任意文件读取漏洞（无需截断）

简要描述： KingCms最新版目录遍历及任意文件读取漏洞（无需截断） 详细说明： 朋友的公司想购买kingcms的授权，让我帮忙看下。发现kingcms很长一段时间没更新了，憋了一段时间放出了最新版的k92014-12-13更新，官网下下来学习一下。 在wooyun上看到了几个漏洞，如： WooYun: kingcms最新版sql注入漏洞 问题出在这里：/api/conn.php 先首需要说明的是，这里的目录遍历与文件读取并不是因为服务器配置不当等引起的，而是该cms的某些函数没过过滤+使用不当引起的。 0x00：先来看看如何目录遍历的。 无关代码 $get=$GET;...

KingCms最新版前台又GetShell

简要描述： KingCms最新版前台又GetShell 详细说明： 朋友的公司想购买kingcms的授权，让我帮忙看下。发现kingcms很长一段时间没更新了，憋了一段时间放出了最新版的k92014-12-13更新，官网下下来学习一下。 在wooyun上看到了几个漏洞，如： WooYun: kingcms最新版sql注入漏洞 只需要普通用户就可以完成getshell 问题出在这里：/apps/block/manage.php function edit $u=new user;$u-authrole'blockedit'; ifempty$POST'name'...