PHPCMS V9 full version of the reflective XSS

No description provided by source...

PHPCMS V9 role.php file SQL injection vulnerability

PHPCMS is a web content management system based on PHP and Mysql architecture. The system includes modules such as news, pictures, downloads, information and products. A SQL injection vulnerability exists in the PHPCMS V9 role.php file, which allows attackers to exploit the vulnerability to obtai...

PHPCMS V9 member_group.php file SQL injection vulnerability

PHPCMS is a web content management system based on PHP and Mysql architecture. The system includes modules such as news, pictures, downloads, information and products. A SQL injection vulnerability exists in the PHPCMS V9 membergroup.php file, which allows attackers to exploit the vulnerability t...

phpcms v9 逻辑缺陷导致可重置任意用户密码

No description provided by source...

phpcms v9 后台任意文件读取(可获取authkey)

No description provided by source...

PHPCMS V9 phpsso/index.php authkey 泄露漏洞

No description provided by source...

PHPCMS V9 /api.php Authkey 信息泄漏

No description provided by source...

phpcms v9 /modules/phpsso/index.php SQL注入漏洞

No description provided by source...

phpcms v9 latest high-risk sql injection exp-vulnerability warning-the black bar safety net

Get the current database http://192.168.1.139:8080/phpcms/index.php?m=member&c=index&a=login post: forward=http%253A%252F%252F192. 1 6 8. 1. 1 3 9%253A8080%252Fphpcms%252Findex. php%253Fm%253Dmember&username=phpcms&password=1 2 3 4 5 6%26username%3d%2 5 2 7%2bunion%2bselect%2b%2 5 2 7 2% 2 5 2...

用友政务官方网站存在漏洞导致authkey泄露

简要描述： 用友政务官方网站存在漏洞导致authkey泄露 详细说明： 同学在用友政务工作，闲着没事看了看他们的官方网站，顺便手贱摸了一下·· http://www.yonyougov.com/index.php?m=admin&c=index&a=login&pchash= PHPCMS V9的系统 authkey很重要，可注射拿shell...

PHPCMS V9 /phpsso_server/phpcms/modules/phpsso/index.php SQL注入漏洞

/api/getmenu.phpfunction ajaxgetlist $cachefile = $GET'cachefile'; $cachefile = strreplacearray'/', '//', '', $cachefile; //$cachefile = pregreplace'/\x00-\x08\x0B\x0C\x0E-\x1F\x7F+/S', '', $cachefile; $path = $GET'path'; $path = strreplacearray'/', '//', '', $path; //$path =...

phpcms 9.0 - Blind SQL Injection Vulnerability

No description provided by source. ================================================================= phpcms V9 BLind SQL Injection Vulnerability ================================================================= Software: phpcms V9 Vendor: www.phpcms.cn Vuln Type: BLind SQL Injection Download link...

PHPCMS V9 未明SQL注入漏洞

No description provided by source...

PHPCMS V9 arbitrary file include vulnerability-vulnerability warning-the black bar safety net

Brief description: Somewhere considered not rigorous, it is possible to cause the file containing the vulnerability. Use Conditions: registerglobal=ON Detailed description: Vulnerability file:/plugin.php Vulnerability code: 2 2 row Trigger conditions: registerglobal=ON Code fragment: 1 5 to 2 2...

PHPCMS V9 article submission CSRF vulnerability-vulnerability warning-the black bar safety net

CSRF can lead to add back the administrator account. ! In Member center, article submission, in source fill in: Exploit code: Super administrator the myform. submit If the administrator in the background of the audit, it will trigger JS that leads to add in Admin. ! ! Vulnerability proof: !...

phpcms v9 two chicken-vulnerability-vulnerability warning-the black bar safety net

I will not paste code, are interested in your own talk about it, maybe you can find out more. Exp: http://www.php0day.com/api.php?op=getmenu&act=ajaxgetlist&callback=alert&path=b4dboy&cachefile=../../../fuck 包含 根 目录 的 fuck.cache.php and a tasteless. Contains the other files you truncated it, see...

PHPCMS v9 Getshell（apache to parse）vulnerabilities EXP-vulnerability warning-the black bar safety net

Vulnerability file: phpcms\modules\attachment\attachments.php Suffix detected: phpcms\modules\attachment\functions\global.func.php Fileext function is the file name suffix of the extract. According to this function if we Upload a file named ddd. Php. jpg%2 0%2 0%2 0%2 0%2 0%2 0%20Php After this...

PHPCMS V9 uc API SQL injection vulnerability-vulnerability warning-the black bar safety net

PHPCMS V9 version to 2 0 1 0 was introduced, is the application of the more widely used build tool. Third-party data show that the current use of PHPCMS V9 build a number of sites up to several hundred thousand, including UNICEF and other Agency sites, as well as a large number of business websit...

phpcms v9 2013-02-01 members of the center injection vulnerability analysis report-vulnerability warning-the black bar safety net

Report name: phpcms v9 2013-02-01 members of the center injection vulnerability analysis report Vulnerability author: skysheep Analysis author: Seay Blog: http://www.cnseay.com/ Vulnerability analysis: The vulnerability exists in the phpcms\modules\member\index.php file accountmanageinfo function...

PHPCMS V9版poster_click函数SQL注入漏洞

No description provided by source...