Lucene search
K

54 matches found

seebug.org
seebug.org
added 2011/05/01 12:0 a.m.293 views

Discuz!NT 2.*-3.5.2 SQL注入漏洞

Discuz!NT 是康盛创想Comsenz旗下的一款功能强大的基于 ASP.NET 平台的社区软件。ajaxtopicinfo.ascx用户控件 poster SQL注入漏洞。结合ajax.aspx调用任意用户控件漏洞 admin/UserControls/ ajaxtopicinfo.ascx 函数 GetCondition WebsiteManage.cs //62 行 if posterlist != "" string poster = posterlist.Split','; condition += " AND poster in "; string tempposerli...

7AI score
Exploits0
myhack58
myhack58
added 2011/03/15 12:0 a.m.63 views

QUIK email(QuarkMail)remote command execution vulnerabilities and fixes-vulnerability warning-the black bar safety net

Vulnerability Description: The QUIK e-mail(QuarkMail Beijing Xiong Zhi weiye science and Technology Company launched the e-mail system, is widely used in various areas of email solutions, webmail section Using perl cgi to write, but 80sec in their system found a major security vulnerability leads...

0.5AI score
Exploits0
seebug.org
seebug.org
added 2011/02/28 12:0 a.m.22 views

bo-blog任意变量覆盖漏洞

// go.php $qurl=$SERVER"REQUESTURI"; @list$relativePath, $rawURL=@explode'/go.php/', $qurl; $rewritedURL=$rawURL; // 来自$SERVER"REQUESTURI",可以任意提交的: ... $RewriteRules="/component/^/+/?/"; // 这个正则限制的不够细致,可以很轻易的绕过: ... $RedirectTo="page.php?pagealias=\1"; $i=0; foreach $RewriteRules as $rule if...

7.1AI score
Exploits0
myhack58
myhack58
added 2011/01/01 12:0 a.m.19 views

AspCms v1. 1 Xss New Year Edition-bug warning-the black bar safety net

Version:AspCms v1. 1 New Year's Day Edition Keywords:Powered by AspCms v1. 1 Front Desk use,the search functions search. asp Will containingXSSthe connection to the site management, Management open after the execution of arbitrary code The author filter only the'symbol of the anti-injection. If y...

1.5AI score
Exploits0
securityvulns
securityvulns
added 2010/12/15 12:0 a.m.58 views

ASPR #2010-12-14-1: Remote Binary Planting in Windows Address Book

=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2010-12-14-1 ------------------------------------------------------------------------- ASPR 2010-12-14-1: Remote Binary Planting in Windows Address Book...

9.3CVSS0.18675EPSS
Exploits1
myhack58
myhack58
added 2010/11/23 12:0 a.m.78 views

Tomcat remote denial of service vulnerability analysis(CVE-2 0 1 0-2 2 2 7)-vulnerability warning-the black bar safety net

The present article is an analysis of the POC process, the pressure of the N months, and now before the issue. Using the analysis of POC, Tomcat in addition to the latest versionsee the specific website, and JBOSS in addition to the latest version, can fight, POC see the article. JBOSS official h...

6.4CVSS5.5AI score0.54779EPSS
Exploits2
securityvulns
securityvulns
added 2010/11/10 12:0 a.m.79 views

ASPR #2010-11-10-2: Remote Binary Planting in Microsoft Word 2010

=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2010-11-10-2 ------------------------------------------------------------------------- ASPR 2010-11-10-2: Remote Binary Planting in Microsoft Word 2010...

9.3CVSS8AI score0.11139EPSS
Exploits0
securityvulns
securityvulns
added 2010/11/08 12:0 a.m.67 views

ASPR #2010-11-05-01: Remote Binary Planting in Adobe Flash Player

=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2010-11-05-01 ------------------------------------------------------------------------- ASPR 2010-11-05-01: Remote Binary Planting in Adobe Flash Player...

9.3CVSS9.2AI score0.09294EPSS
Exploits1
securityvulns
securityvulns
added 2010/09/12 12:0 a.m.44 views

ACROS Security: Remote Binary Planting in Apple Safari for Windows (ASPR #2010-09-08-1)

=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2010-09-08-1 ------------------------------------------------------------------------- ASPR 2010-09-08-1: Remote Binary Planting in Apple Safari for Windows...

0.6AI score
Exploits0
myhack58
myhack58
added 2010/06/17 12:0 a.m.13 views

Vulnerability: be wary of“help and Support Center”uninvited-vulnerability warning-the black bar safety net

Microsoft has just released 6 months patch, Windows XP it also exposed a new HCP Protocol vulnerabilities. After 3 6 0 Security Center to verify, when the Windows XP users use IE series browsers open hung it to the web, or playing“the infected”of the music file, the PC will automatically...

0.7AI score
Exploits0
myhack58
myhack58
added 2010/06/12 12:0 a.m.28 views

PHPCMS2008 1 0 0 5 2 7 version website management system to download an arbitrary file vulnerability-vulnerability warning-the black bar safety net

Phpcms is a PHP-based+Mysql architecture of the web content management system, it is an open-source PHP development platform. Phpcms uses a modular approach to the development, functional and easy to use to facilitate the expansion, for medium to large sites provide heavyweight website Building...

0.5AI score
Exploits0
seebug.org
seebug.org
added 2010/05/28 12:0 a.m.17 views

PHPCMS2008 100527版本网站管理系统下载任意文件漏洞

phpcms2008sp4 下载任意文件漏洞发布后,27号官方的补丁是这样的: down.php ifpregmatch'/.php/i',$f || strpos$f, ":\" showmessage'地址有误'; //12行 没补丁前是这样的: ifpregmatch'/.php$/',$f || strpos$f, ":\" showmessage'地址有误'; //12行 可以看出两者的区别。 但同样是这个文件中: parsestr$ak;//8行 知道这里还有更好的利用方法了,再看文件: download.php if$m $fileurl =...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2010/05/04 12:0 a.m.20 views

SiteServer CMS多处跨站漏洞

SiteServer CMS 是基于微软.NET 平台开发的网站内容管理系统,它集成了内容发布管理、多站点管理、定时内容采集、定时生成、多服务器发布、搜索引擎优化、流量统计等多项强大功能,独创的 STL 模板语言,通过Dreamweaver 可视化插件能够任意编辑页面显示样式,生成纯静态页面。 1.注册页面为过滤用户提交非法参数导致跨站,插入跨站语句即可: demo:http://demo.siteserver.cn/usercenter/register.aspx?ReturnUrl=%22%3E%3Ciframe%20src=%22http://www.zhuba.net%22%3E...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2010/04/28 12:0 a.m.45 views

动易(PowerEasy) SiteWeaver "ComeUrl" Cross-Site Scripting Vulnerability

动易SiteWeaver,它可以被恶意的人利用来进行跨站点脚本攻击漏洞。 输入传递到"ComeUrl"在User/UserChkLogin.asp中没有正确地处理返回给用户参数。这可以被用来执行在用户在受影响的浏览器会话中任意HTML和脚本代码。 这个安全漏洞在版本6.8报告。其它版本也可能受到影响。 PowerEasy SiteWeaver 6.x SEBUG临时解决办法 对User/UserChkLogin.asp,"ComeUrl"进行过滤处理 参考官方补丁 http://www.powereasy.net/...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2010/04/06 12:0 a.m.40 views

McAfee Email Gateway (formerly IronMail) - Internal Information Disclosure

Advisory Name: Internal Information Disclosure in McAfee Email Gateway formerly IronMail Vulnerability Class: Information Disclosure Release Date: Tue Apr 6, 2010 Affected Applications: Secure Mail Ironmail ver.6.7.1 Affected Platforms: FreeBSD 6.2 / Apache-Coyote 1.1 Local / Remote: Local...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2010/03/05 12:0 a.m.131 views

Discuz!NT 3.1.0 多处存在跨站漏洞

北洋贱队(http://bbs.seceye.org)首发 1.在快速搜索区域的“板块”搜索提交跨站测试语句"iframe+Src=http://www.gohack.org, 获得地址:http://localhost/bbs/forumsearch.aspx?q=%22%3E%3Ciframe%20src%3Dhttp%3A//www.gohack.org%3E 2.在论坛板块版面出随意选择一种浏览方式,然后修改或添加加入跨站语句,获得地址:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2010/02/19 12:0 a.m.40 views

Sablog-X v2.x 任意变量覆盖漏洞

由于Sablog-x v2.x的common.inc.php里$EVO初始化处理存在逻辑漏洞,导致可以利用extract来覆盖任意变量,最终导致xss、sql注射、代码执行等很多严重的安全漏洞。 common.inc.php代码里: .... $onoff = functionexists'iniget' ? iniget'registerglobals' : getcfgvar'registerglobals'; if $onoff != 1 @extract$COOKIE, EXTRSKIP; @extract$POST, EXTRSKIP; @extract$GET,...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2009/10/16 12:0 a.m.50 views

织梦(DEDECMS) 5.1 plus/feedback_js.php存在注入漏洞

在magicquotesgpc=off的情况下可用 此漏洞可拿到后台管理员的帐号和加密HASH,漏洞存在文件plus/feedbackjs.php,未过滤参数为$arcurl ...... $urlindex = 0; ifempty$arcID $row = $dlist-dsql-GetOne"Select id From @cachefeedbackurl where url='$arcurl' "; //此处$arcurl没有过滤 ifisarray$row $urlindex = $row'id';...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2009/07/17 12:0 a.m.33 views

Discuz! admin\styles.inc.php get-webshell bug

在文件admin\styles.inc.php里代码: if$newcvar && $newcsubst if$db-resultfirst"SELECT COUNT FROM $tableprestylevars WHERE variable='$newcvar' AND styleid='$id'" cpmsg'styleseditvariableduplicate', '', 'error'; elseif!pregmatch"/a-zA-Z\x7f-\xffa-zA-Z0-9\x7f-\xff/", $newcvar cpmsg'styleseditvariableillegal...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/11/05 12:0 a.m.21 views

Discuz! 路径信息泄露漏洞

目录\ucclient\data\cache,\forumdata\cache等下面的文件里对如:br / br / $CACHE'settings' = array br / 'accessemail' = '',br / 'censoremail' = '',br / 'censorusername' = '',br / 'dateformat' = 'y-n-j',br / 'doublee' = '1',br / 'nextnotetime' = '0',br / 'timeoffset' = '28800',br / ;br / br / br /...

7.1AI score
Exploits0
Rows per page
Query Builder