phpcms_v9. 3. 2 a management module logic validation vulnerability-vulnerability warning-the black bar safety net

In the file\modules\sms\sms. php: class sms extends admin function construct $this-logdb = pcbase::loadmodel'smsreportmodel'; $this-moduledb = pcbase::loadmodel'modulemodel'; $this-memberdb = pcbase::loadmodel'membermodel'; //Get the SMS platform configuration information $siteid = getsiteid;...

Most soil buy the program vulnerabilities and fixes-vulnerability warning-the black bar safety net

This vulnerability is very serious, will directly affect the website, the order information found in the commercial version CV1. 6. 1 4 9 to 0. Problem cause: The user enters the place an order page/team/buy. php? id=xxx, the page exists in a hidden fieldinput type="hidden" name="id"...

ACMS vulnerability-vulnerability warning-the black bar safety net

A few days ago a friend asked me to help him dosecurity testing, his Station is ACMS information distribution system. I to the official down a set of ACMS to study. ACMS front Desk is by the back-end to generate the static page, there is no injection vulnerability. The background comes with the...