3 matches found
Arbitrary file download vulnerability in phpwechat version 1.1.6
phpWechat is a free and open source microsoft public platform management system. An arbitrary file download vulnerability exists in phpwechat version 1.1.6 at the data backup, which can be exploited by an attacker to download arbitrary files from the server, such as script code, service and syste...
phpwechat upload.class.php arbitrary file upload vulnerability
phpwechat is a simple framework for building a PC website + wechat public platform. phpwechat upload.class.php exists arbitrary file upload vulnerability, due to the program fails to check the data submitted by visitors or filtering is not strict, you can directly submit modified data to bypass t...
SQL injection vulnerability in phpwechat wechatmanage.class.php
phpwechat is a simple framework for building a PC website + wechat public platform. phpwechat wechatmanage.class.php suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information using commonly used SQL injection tools...