CVE-2025-1959

A vulnerability, which was classified as critical, was found in Codezips Gym Management System 1.0. Affected is an unknown function of the file /changespwd.php. The manipulation of the argument loginid/loginkey leads to sql injection. It is possible to launch the attack remotely. The exploit has...

PageAdmin几个设计缺陷导致的安全漏洞

简要描述： 1.loginkey暴力预测 2.伪造任意会员或管理留言 3.删除任意留言 ps：.net开源了，相信各种特性漏洞会如雨后春笋般涌现，小菜先学点asp.net基础知识，等大牛们发特性漏洞的时候至少能够看懂。 详细说明： 1.loginkey 暴力预测 /e/member/checkrepeat.aspx protected void PageLoadObject src,EventArgs e CheckPost; string Field=Request.Form"field";//数据传入 自定义字段 string...