Lucene search

26 matches found

myhack58
added 2016/06/28 12:00 a.m., 101 views

Swagger exposed a remote code execution vulnerability affects Java, PHP, NodeJS and many other development languages-vulnerability warning-the black bar safety net

Vulnerability description The Swagger specification is widely used in Html, PHP, Java and Ruby and other popular languages to develop applications, which has recently been exposed a remote code execution vulnerability, the potential impact on Java, PHP, NodeJS and Ruby and other popular languages...

AI score: 8.6
Exploits: 3
seebug.org
added 2016/04/25 12:00 a.m., 69 views

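XYCMS fitness club site-building system v1.1 jsxm_detail.asp parameter id SQL injection vulnerability

0x01 Vulnerability overview: The XYCMS fitness club site-building system uses an asp+access architecture. In version v1.1, /jsxmdetail.asp does not strictly filter the parameter id, which leads to an SQL injection vulnerability. 0x02 Vulnerability details: The system has a default administrator data table, adminuser, which contains the administrator name field admin and the md5-encrypted password field password. A remote attacker can use a union-based approach to obtain sensitive information, log in to the back end, and upload a shell. 0x03 Fix: Filtering. ...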

AI score: 7.1
Exploits: 0
myhack58
added 2015/09/09 12:00 a.m., 5329 views

Hikvision a network camera to the anonymous user to bypass the login permissions-bug warning-the black bar safety net

Network Camera firmware internal for the convenience of visitors to access, curing an anonymous account, which in most cases is disabled, but can be a base64 hard-coded way to create a cookie to bypass the login permissions review. User: anonymous Password:\1 7 7\1 7 7\1 7 7\1 7 7\1 7 7\1 7 7 !...

AI score: 7.4
Exploits: 0
myhack58
added 2015/03/25 12:00 a.m., 28 views

Pan micro-Eoffice without having to log in directly getshell-a vulnerability warning-the black bar safety net

Detailed description: To website demo, for example, the Pan-micro connection to the database file named mysqlconfig. ini,Direct Download ! 1.jpg Pan micro-phpmyadmin address for/phpmyadmin or/phpmyadminall,pan micro demon:8 0 2 8/phpmyadminall/ The official website of the demo is awesome, don't...

AI score: 0.4
Exploits: 0
myhack58
added 2015/03/03 12:00 a.m., 31 views

ECStore open source online shop system arbitrary file modification vulnerability to get shell-vulnerability warning-the black bar safety net

Brief description: Template Edit in the file edit function, to edit the file limit is not strict, the result may be to modify the system in the presence of any file Detailed description: File editing function, select To modify the file, where the selected image template file, then upload the...

AI score: 7.1
Exploits: 0
myhack58
added 2015/01/15 12:00 a.m., 15 views

The Hang Seng JRES platform registration vulnerability, you can hack the registry-the vulnerability warning-the black bar safety net

! plugin.jpg The eclipse-jres\plugins\com. hundsun. ares. studio. jres. register1. 1. 0. 2 0 1 2 0 8 2 9 1 4 0 8. jar to decompile,according to the com\hundsun\ares\studio\jres\register\RegisterUtil. the java file can get the registration file of the encryption way and key. The eclipse-jres\keys...

AI score: 1.3
Exploits: 0
myhack58
added 2014/12/16 12:00 a.m., 22 views

80% Vientiane network management there is a default database password can penetrate the entire cafe-vulnerability warning-the black bar safety net

Internet cafe database there is a default sa password can modify the data can be remotely executed command, and may penetrate the entire cafe It seems like a very old vulnerability, but now most of the Internet cafe or can use Detailed description: Vientiane database default password Account: sa...

AI score: 2.5
Exploits: 0
myhack58
added 2014/11/23 12:00 a.m., 11 views

UF FE office platform General SQL injection-vulnerability warning-the black bar safety net

The connection existsSQL injection /permissionsreport/flowTreeXml. jsp? treeSearchKey=1 sqlmap-u "http://oa.hzuf.com:9090/permissionsreport/flowTreeXml.jsp?treeSearchKey=1" ! 1.jpg sqlmap-u "http://oa.hzuf.com:9090/permissionsreport/flowTreeXml.jsp?treeSearchKey=1" --dbs ! 2.jpg 5 Case:...

AI score: 0.2
Exploits: 0
myhack58
added 2013/10/17 12:00 a.m., 19 views

Shopex background of the login page injection vulnerability attached to the use of POC-vulnerability warning-the black bar safety net

A certain parameter passed at login is not filtered, resulting in injection. Recently, while doing secondary development, I looked at the login process and found in the file \shopex\core\admin\controller\ctl.passport.php Processing the verification code, The management account and...

AI score: 7.4
Exploits: 0
myhack58
added 2013/07/24 12:00 a.m., 16 views

SDCMS background to bypass directly into the,A not common design mistakes case study-vulnerability warning-the black bar safety net

Brief description: SDCMS background to bypass directly into the: test version 2.0 beta2 other versions not tested Detailed description: Islogin //determine login method sub islogin if sdcms. strlenadminid=0 or sdcms. strlenadminname=0 then dim t0,t1,t2 t0=sdcms. getintsdcms. loadcookie"adminid",...

AI score: 0.4
Exploits: 0
myhack58
added 2013/05/19 12:00 a.m., 14 views

phpcms_v9.3.2 a management module logic validation vulnerability-vulnerability warning-the black bar safety net

In the file\modules\sms\sms. php: class sms extends admin function construct $this-logdb = pcbase::loadmodel'smsreportmodel'; $this-moduledb = pcbase::loadmodel'modulemodel'; $this-memberdb = pcbase::loadmodel'membermodel'; //Get the SMS platform configuration information $siteid = getsiteid;...

AI score: 1.1
Exploits: 0
myhack58
added 2013/04/17 12:00 a.m., 16 views

discuz! 7.* Stored xss-vulnerability warning-the black bar safety net

Post flash at the address filter is not strict, resulting in the storage type xss. ! document. writeACFLRunContent'width', '550', 'height', '400', 'allowNetworking', 'internal', 'allowScriptAccess', 'never', 'src', 'aaaaaaaaaaaaa', 'quality', 'high', 'bgcolor', 'ffffff', 'wmode', 'transparent'...

AI score: 0.3
Exploits: 0
myhack58
added 2013/03/29 12:00 a.m., 11 views

360 web site security detection score may be forgery vulnerability-vulnerability warning-the black bar safety net

Detailed description: Testing Server site when the administrator to view the log, access to the ip, the seal off can. in. Vulnerability proof: I sealed the ip section is: deny 218.30.117.0/24; deny 182.118.33.0/24; deny 123.125.160.0/24; ! Repair solutions: I would also like to see this produc...

AI score: 1
Exploits: 0
myhack58
added 2013/03/23 12:00 a.m., 23 views

phpwind9.0 Cloud Platform is a plug-in arbitrary code execution-vulnerability warning-the black bar safety net

phpwind9.0 drags finally released, looks very NB look, but is actually who with who knows ,all kinds of bugs everywhere, a variety of error...this is an example, pass to kill type..., the official does not fix on my own with the new version possibly?.. Detailed description: ! Sign of the times, ...

AI score: 2.2
Exploits: 0
myhack58
added 2013/03/19 12:00 a.m., 12 views

Bo library network to any user of the password reset vulnerability, non-violent crack-vulnerability warning-the black bar safety net

Brief description: Bo library network-the most varieties of Chinese online bookstore, and the presence of any user of the password reset vulnerability, or non-mainstream. Don't burp suite, no violence, just gently change you can reset any user password. To predict the details, please see the...

AI score: 7.4
Exploits: 0
myhack58
added 2013/03/19 12:00 a.m., 720 views

China Mobile self-service terminal to bypass the sandbox-vulnerability warning-the black bar safety net

Brief description: After login, click a query item, a long press on the image after the pop-up Save Image option. Detailed description: 1, The! 2, The after login select—"bill query"—the"tariff of gold Abacus"—query within the picture by long pressing it will bring up the Save Image options such ...

AI score: 1.3
Exploits: 0
myhack58
added 2013/03/08 12:00 a.m., 11 views

Part of the Discuz! The forum user can be any brush points-vulnerability warning-the black bar safety net

For some Discuz! Forum on the promotion visit this place not paying attention so the user can be any brush Forum user points and levels First click on the promotion to access ! You can see this interface “If you have a friend by one of the following links to access the site, you will get reward...

AI score: 1
Exploits: 0
myhack58
added 2013/01/08 12:00 a.m., 19 views

ZDSoft website generation system vulnerabilities and fixes-vulnerability warning-the black bar safety net

ZDSoft site generation system a serious vulnerability that can lead to the web server directly is to get the highest permissions, 1. Background permission bypass vulnerability http://www.zdsoft.net/admin/left.aspx the background menu If not logged in, it will js to jump to the login page, disable ...

Exploits: 0
myhack58
added 2012/12/01 12:00 a.m., 16 views

PHPCMS V9 member table of contents feel free to modify the vulnerability and fix-vulnerability warning-the black bar safety net

A variable is not initialized causing the server setting registerglobal=On when members can freely modify their own member information. Due to the need registerglobal=On support, the impact is limited.. Vulnerability relates to members can modify their own balance lead to the website may have...

AI score: 1.3
Exploits: 0
myhack58
added 2012/11/01 12:00 a.m., 13 views

shopex v4.x proof of the physical path-vulnerability warning-the black bar safety net

Brief description: The buffer data file the content is too messy, syntax errors result in the explosion path Detailed description: /home/cache/cachedata.php the buffer data file broke the physical path Vulnerability proof: ! Repair solutions: Direct exit orweb serverforbidden error is returned...

AI score: 2.1
Exploits: 0