4 matches found
phpyun talent system version 4.5 reloading vulnerability
PHPYun is a Chinese talent operation system with independent intellectual property rights. PHPYun talent system 4.5 version of the reloading vulnerability, attackers can exploit the vulnerability to cause the site is directly reloaded...
phpyun人才系(2015-02-03)Sql注入2枚(可删除任意简历)
简要描述: phpyun人才系2015-02-03Sql注入2枚可删除任意简历 无法绕过waf,也就获取不了敏感信息。 详细说明: 代码 /wap/member/model/index.class.php function addresumeaction//复制的较长,可直接略过。 if$this-config'userenforceidentitycert'=="1" $row=$this-obj-DBselectonce"resume","idcardpic'' and uid='".$this-uid."'"; if$row'idcardstatus'!="1"...
phpyun talent system injection+background getshell-a vulnerability warning-the black bar safety net
Paul id proof 0day - - would have been ready to throw the clouds, but look to have previously submitted a This sets the source of the hole no response..just lost it. No nonsense /model/class/action.class.php 6 0 3 row function funipget if getenv"HTTPCLIENTIP" && strcasecmpgetenv"HTTPCLIENTIP",...
PhpYun talent system through the kill injection and code execution vulnerabilities-vulnerability warning-the black bar safety net
PhpYun talent system is php the industry the door of households website php100 heavy launch a set of open source talent system, because of php100 position in the industry and the rapid is the webmasters choice, but after all is a new thing, which is code in the security on the presence of serious...