Easy WP SMTP v1. 3. 9）0 day vulnerability is being attacked in the process and reproducibility-vulnerability warning-the black bar safety net

Foreword Your own blog site with wordpres hosting, last month found some abnormalities. 3.12 days, the mailbox explosion, received more than 100 letter on the site is the blasting of the notification mail. ! Day to see also not strange, because before it appeared such a situation, every day there...

PHPMyWind CMS v4. 6. 3 Beta permissions bypass and unauthorized access-exploit warning-the black bar safety net

BUG-1: permission to bypass File location: goodsshow.php Problem code: //Do not allow visitors to place orders skip login ifempty$COOKIE'username' /just a simple determination of whether or not is empty header'location:member. php? c=login'; exit; Brief description: username is cookie get, as lon...