PHPYUN 信息泄露漏洞

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language jointly maintained by the PHP community. The language is mainly used for Web development, supports a variety of databases and operating systems. An information disclosure vulnerability exists in PHPPYUN...

CVE-2018-18713

The function downsqlaction in /admin/model/database.class.php in PHPYun 4.6 allows remote attackers to read arbitrary files via directory traversal in an m=database&c=downsql&name=../ URI...

PT-2018-14545 · Phpyun · Phpyun

Name of the Vulnerable Software and Affected Versions: PHPYun version 4.6 Description: A security issue was found in PHPYun, where a vulnerability allows the deletion of any file or directory. This is possible due to the mishandling of the sql parameter by the del action function in the...

phpyun 某漏洞可导致被脱裤

简要描述： rt 详细说明： https://images.seebug.org/upload/201502/091901402eced8dfc9c75ab0fb6f29e24b27dc7a.png 用cmd跳到php云的/data/backup/目录 然后再输出 “dir /x”执行 可以看到短文件名 http://localhost/phpyun/data/backup/PHPYUN1.SQL PHPYUN此处数字递增.SQL 0-N 手工都可以找出来 漏洞证明： Windows short filenames...

phpyun talent system patches after the injection-vulnerability warning-the black bar safety net

Yesterday inadvertently see php100 it seems like the php cloud system out of security patches, and today nothing, download down 1. 1. 6 edition of probably look, take a look at how Supplement. Looked after, found in config/dbsafety. php filter function is as follows: function...