Love fast router web Management page several vulnerabilities SQL blind injection, the plaintext stored passwords-bug warning-the black bar safety net

SQL blind injection, you can bypass the web page login authentication login default user name is admin. Password admin） I tested the ip is 1 9 2. 1 6 8. 1 6 8. 1:8 0,blind the url is http://192.168.168.1/login/x The user name of the payload is -1" OR 321=6 AND 0 0 0 1 6 7=0 0 0 1 6 7 -- The...

CMailServer mail system, the attachment download module download mail system installation disk arbitrary file vulnerability-vulnerability warning-the black bar safety net

CMailServer mail system, the attachment download module download mail system installation disk arbitrary file vulnerability Our Team: http://www.ph4nt0m.org Author: cloud [email protected] Date: 2005-11-06 Severity: medium Error type: parameter checking is not strict Affect the system: th...