PHPwind forum has XSS vulnerability

PHPwind is a website builder. PHPwind forums exist in the storage of XSS vulnerability, attackers can use the vulnerability to obtain sensitive information on the site...

phpwind 7.5 apps/share/index.php远程包含漏洞

PHPWind 论坛系统 是一套采用 php+mysql 数据库 方式运行并可生成 html 页面的全新且完善的强大系统。因具有非凡的访问速度和卓越的负载能力而深受国内外朋友的喜爱。 Zoomeye Dork apps/share/index.php 里$route和$basePath变量没有初始化,导致远程包含或者本地包含php文件,导致执行任意php代码 ?php if $route == "share" requireonce $basePath . '/action/mshare.php'; elseif $route == "sharelink" requireonce...

Phpwind Forum of a back door way-vulnerability warning-the black bar safety net

the pw of a back door way data\bbscache\adminrecord. php is recording the background to the landing and operation,we see how the operation of this file: admin\admincp.php: $bbsrecordfile=DP."data/bbscache/adminrecord.php"; if! fileexists$bbsrecordfile writeover$bbsrecordfile,"? php die;?& gt;\n";...