10 matches found
SQL Injection Vulnerability in BlueCMS v1.6
bluecms is a free professional local portal system developed by open source combination PHP + MYSQL, focusing on local portal CMS. BlueCMS v1.6 suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
Logic Flaw Vulnerability in BlueCMS
BlueCMS is a free professional local portal system developed by open source combination PHP + MYSQL, focusing on local portal CMS. BlueCMS suffers from a logic flaw vulnerability. Attacks can then exploit the vulnerability to obtain sensitive information...
File Inclusion Vulnerability in BlueCMS
BlueCMS is a professional local portal system developed by open source combination of PHP + MYSQL, focusing on local portal CMS. BlueCMS has a file inclusion vulnerability that can be exploited by attackers to gain server privileges...
Arbitrary Code Execution Vulnerability in BlueCMS
BlueCMS is a professional local portal system developed by open source combination of PHP + MYSQL, focusing on local portal CMS. BlueCMS has an arbitrary code execution vulnerability. Attackers can use this vulnerability to obtain server privileges...
Arbitrary File Deletion Vulnerability in BlueCMS
BlueCMS is a professional local portal system developed by open source combination of PHP + MYSQL, focusing on local portal CMS. BlueCMS arbitrary file deletion vulnerability , an attacker can use the vulnerability to delete arbitrary files...
Arbitrary file editing vulnerability in niubicms v1.8
Cow CMS is a free version of the local portal PHP source code system. Includes: news, real estate, talent, automotive, local business station three-level domain name station, merchant business cards and other functions. niubicms v1.8 version of the existence of arbitrary file editing vulnerabilit...
齐博地方门户系统sql注入
简要描述: 变量未初始化导致注入 详细说明: 齐博地方门户系统 齐博的全局过滤系统中由于存在如下代码,导致传入的参数可以成为全局变量 foreach$COOKIE AS $key=$value unset$$key; foreach$POST AS $key=$value !ereg"^\A-Z+",$key && $$key=$POST$key; foreach$GET AS $key=$value !ereg"^\A-Z+",$key && $$key=$GET$key; 所以系统中如果存在未初始化的变量,容易导致注入 2shou/post.php中 180行...
Small ants local portal system sql injection and XSS-vulnerability warning-the black bar safety net
SQL injection: the http://demo.xiaomayi.co/public/ajax.aspx?action=addcomparebuild&cname=a'and%20dbname%3E0-- demoxiaomayico http://demo.xiaomayi.co/public/ajax.aspx?action=addcomparebuild&cname=a'and select top 1 name from demoxiaomayico. dbo. sysobjects where xtype=CHAR8 50--...
BlueCMS - PHP local portal system 0day large collection of-vulnerability warning-the black bar safety net
Bluecms is from a company tutorial to see the cms, and then thought, since there, used to do tutorials, I'll dig this set of cms vulnerabilities, I did not dig deep end, also failed to adhere to the code to see finished. It has been found that a lot of problems. Can actually get a shell on it. !...
Hua-the local portal system(port) 5.0 XDAY-vulnerability warning-the black bar safety net
Look at the background of the login authentication file: File code:admin/index. asp %dbs="../"% !-- include file="../inc/config. asp" - !-- include file="../inc/md5. asp" - % if session"adminid""" and session"adminuser""" Then response. Redirect "main. asp" response. End end if action=request...