phpcms2008 business Yellow Pages module parameter is not filtered cause SQL injection vulnerability-vulnerability warning-the black bar safety net

phpcms business Yellow Pages module because the parameter is not filtered, the presence of SQL injection vulnerabilities,allowing an attacker to execute SQL statements. 0day is a guise,tasteless is really,since the impact is relatively small,will not cause what harm,N long before the discovery of...

PHPCMS v9 /phpcms/base.php 本地文件包含漏洞

No description provided by source...

Yellow Pages module XSS vulnerability to get PHPCMS V9 admin permissions and repair programme-vulnerability warning-the black bar safety net

Principles PHPCMS in the background is by the Cookie with the QueryString in pchash to determine whether you are a system administrator, wherein the Cookie is there the user local, pchash is the presence of the site database. If you get both and in the configuration of the browser environment the...

PHPCMS V9 phpsso_server-api-uc.php sql注入漏洞

No description provided by source...

PHPCMS V9 libs-functions-global.func.php sql注入漏洞

No description provided by source...

Phpcms V9 uc api SQL注入漏洞

1.未启用ucenter服务的情况下uckey为空 define'UCKEY', pcbase::loadconfig'system', 'uckey'; 2. deleteuser接口存在SQL注入漏洞，UC算法加密的参数无惧GPC,程序员未意识到$get'ids'会存在SQL注入情况。 public function deleteuser$get,$post pcbase::loadappfunc'global', 'admin'; pcbase::loadappclass'messagequeue', 'admin' , 0; $ids =...

PHPCMS 9 index.php 本地文件包含漏洞

phpcms/modules/search/index.php 代码如下： public function publicgetsuggestkeyword $url = $GET'url'.'&q='.$GET'q'; $res = @filegetcontents$url; ifCHARSET != 'gbk' $res = iconv'gbk', CHARSET, $res; echo $res;...

PHPCMS V9 index.php 跨站脚本漏洞

漏洞文件：phpcms/modules/message/templates/index.php 漏洞代码： 176行: $replyinfos= $this-messagedb-listinfo$where,$order = 'messageid ASC',$page, $pages = '10'; 191行: $replyinfos= $this-messagedb-listinfo$where,$order = 'messageid ASC',$page, $pages = '10'; 漏洞代码： 将176行和191行都替换为成: $replyinfos...

phpcms 2008 /ads/include/ads_place.class.php sql注入漏洞

漏洞产生位置： /ads/include/adsplace.class.php function show$placeid …………............. else $ads = $this-db-getone"SELECT FROM ".DBPRE."ads a, $this-table p WHERE a.placeid=p.placeid AND p.placeid=$placeid AND a.fromdate=UNIXTIMESTAMP AND a.passed=1 AND a.status=1 ORDER BY rand LIMIT 1"; $contents =...

phpcms 9 index.php sql注入漏洞

No description provided by source...

PHPCMS_V9 (get_linkage.php) 本地文件包含漏洞

由于文件getlinkage.php对于用户提交的变量未过滤，导致本地文件包含漏洞的产生。 相关代码如下： /api/ getlinkage.php codecase 'ajaxselect': $parentid = $GET'parentid' ? intval$GET'parentid' : 0; $keyid = $GET'keyid'; ajaxselect$parentid,$keyid; 函数ajaxselect在相同文件中有定义 function ajaxselect$parentid,$keyid $datas = getcache$keyid,'linkage';...

PHPCMS 9 plugin.php 本地文件包含漏洞

No description provided by source...

PHPCMS V9 (plugin.php)本地文件包含漏洞

由于文件/plugin.php对于用户提交的变量未过滤，导致本地文件包含漏洞的产生。 相关代码如下： 文件plugin.php ifisset$GET'id' list$identification, $filename,$action = explode'-', $GET'id'; $filename = !empty$filename ? $filename : $identification; $action = !empty$action ? $action : 'init'; $cache = getcache$identification,'plugins';...

phpcms 2008 index.php 跨站脚本攻击漏洞

No description provided by source...

phpcms V9 BLind SQL 注入漏洞

No description provided by source. http://eidelweiss-advisories.blogspot.com/2011/01/phpcms-v9-blind-sql-injection.html ! index.php?m=content&c=rss&catid=valid catid Example p0c ! http://host/index.php?m=content&c=rss&catid=10 = True ! http://host/index.php?m=content&c=rss&catid=-10 = False +...

phpcms 2008 广告模块注入漏洞

No description provided by source...

phpcms 2 0 0 8 product.php the pagesize parameter code injection vulnerability-vulnerability warning-the black bar safety net

SSV-Appdir: phpcms Published: 2011-10-12 Affected version: phpcms 2 0 0 8 Vulnerability description: phpcms 2 0 0 8 of the code due to the template parameter improper handling can lead to arbitrary execution of arbitrary code file. The specific code triggering the path is this: phpcms/yp/product...

phpcms 2 0 0 8 latest 0day added bulk EXP-vulnerability warning-the black bar safety net

Play the junk, throw it to everyone to play it. Now the hit rate is also good Oh. Direct GETSHELL it. Word password is c EXP: !/ usr/bin/php ? php printr' +---------------------------------------------------------------------------+ PHPCMS Remote Code Inject GetShell Trojan Google Dork:Powered by...

phpcms 2008 product.php pagesize参数代码注射漏洞

PHPCMS是国内领先的网站管理系统，同时也是一个开源的PHP开发框架。 PHPCMS 2008在处理某些模板参数时存在安全漏洞，其yp/product.php页面的pagesize参数没有正确进行检查过滤，导致可以提交任意字符，远程攻击者可利用此漏洞执行任意命令 具体的代码触发路径是这样的： phpcms/yp/product.php中获取pagesize参数，拼接为$urlrule变量。随后将之带入yp目录下的product.html模板之中。在模板执行后，进入到get函数处理中，最后经过get-pages-pageurl函数，最终触发pageurl的如下代码： eval"$url ...

phpcms 2008 c.php 跨站脚本漏洞

前言： phpcms目前已经退出v9版本，2008版已经停止更新，但仍有少数网站使用phpcms2008框架。 漏洞描述： 该漏洞主要由referer地址未进行过滤，直接插入数据库导致的注入漏洞。 代码： $info'referer' = HTTPREFERER; //这里为进行字符串过滤 $year = date'ym',TIME; $table = DBPRE.'ads'.$year; $tablestatus = $db-tablestatus$table; if!$tablestatus include MODROOT.'include/create.table.php';...