Lucene search
K

151 matches found

seebug.org
seebug.org
added 2014/06/10 12:0 a.m.70 views

SiteServer 3.6.4 /SiteServer/cms/console_user.aspx SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/06/10 12:0 a.m.20 views

SiteServer 3.6.4 /siteserver/bbs/background_post.aspx SQL注入漏洞

SiteServer 3.6.4 /siteserver/bbs/backgroundpost.aspx文件Tile参数没有合适过滤,导致SQL注入漏洞。 SiteServer 3.6.4...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/03/14 12:0 a.m.29 views

SiteServer 3.6.4 安全模式绕过漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/03/07 12:0 a.m.20 views

SiteServer 3.6.4 /siteserver/cms/modal_contentGroupAdd.aspx SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/03/07 12:0 a.m.27 views

SiteServer 3.6.4 /siteserver/cms/modal_contentTagAdd.aspx SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/03/07 12:0 a.m.115 views

SiteServer 3.6.4 /ask/search.aspx SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/03/07 12:0 a.m.14 views

SiteServer 3.6.4 /siteserver/UserRole/background_userAdd.aspx SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/02/07 12:0 a.m.12 views

SiteServer 3.6.4 /siteserver/cms/background_channelsGroup.aspx SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
myhack58
myhack58
added 2014/01/07 12:0 a.m.26 views

siteserver latest version 3. 6. 4 sql inject-vulnerability warning-the black bar safety net

http://xxx.com/siteserver/service/backgroundtaskLog.aspx?Keyword=test%' and @@version=1 and 2='1&DateFrom=&DateTo=&IsSuccess=All The injection point is present in the Keyword, completely without any filtering. VariousSQL injectiontype, you can execute os cmd, off pants 2. The second injection...

Exploits0
seebug.org
seebug.org
added 2013/12/26 12:0 a.m.30 views

SiteServer 3.6.4 background_log.aspx SQL注入漏洞

SiteServer 3.6.4 /siteserver/platform/backgroundlog.aspx文件使用了位于/Bin/BaiRong.BackgroundPages.dll代码,在接收DateFrom参数没有合适过滤,导致SQL注入漏洞。 0 SiteServer 3.6.4 升级到官方最新版: http://www.siteserver.cn...

7.1AI score
Exploits0
myhack58
myhack58
added 2013/12/26 12:0 a.m.18 views

siteserver latest version 3. 6. 4 background_log. aspx page sql injection vulnerability-vulnerability warning-the black bar safety net

There siteserver/platform/backgroundlog. aspx 用 .NET Reflector decompile BaiRong. BackgroundPages. dll this file View Code is as follows: this. spContents. ConnectionString = BaiRongDataProvider. ConnectionString; flag = base. Request. QueryString"UserName" != null; if ! flag this. spContents...

1.7AI score
Exploits0
seebug.org
seebug.org
added 2013/12/26 12:0 a.m.18 views

SiteServer 3.6.4 background_taskLog.aspx SQL注入漏洞

SiteServer 3.6.4 /siteserver/service/backgroundtaskLog.aspx文件使用了位于/Bin/BaiRong.BackgroundPages.dll代码,在接收keyword参数没有合适过滤,导致SQL注入漏洞。 0 SiteServer 3.6.4 升级到官方最新版: http://www.siteserver.cn...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2013/12/26 12:0 a.m.18 views

SiteServer 3.6.4 background_dbSqlQuery.aspx SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2013/12/26 12:0 a.m.25 views

SiteServer 3.6.4 background_mailSubscribe.aspx SQL注入漏洞

注入存在/siteserver/cms/backgroundmailSubscribe.aspx 用.NET Reflector 反编译SiteServer.CMS.dll这个文件 查看代码如下: if uint isPostBack - uint isPostBack = 0 && isPostBack this.spContents.SelectCommand = DataProvider.MailSubscribeDAO.GetSelectCommendbase.PublishmentSystemID, base.Request.QueryString"Keyword",...

7AI score
Exploits0
seebug.org
seebug.org
added 2013/12/26 12:0 a.m.71 views

SiteServer 3.6.4 background_thread.aspx SQL注入漏洞

SiteServer 3.6.4 /siteserver/bbs/backgroundthread.aspx 文件Title参数没有合适过滤,导致SQL注入漏洞。 0 SiteServer 3.6.4 升级到官方最新版: http://www.siteserver.cn...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2013/12/26 12:0 a.m.43 views

SiteServer 3.6.4 background_contentsGroup.aspx SQL注入漏洞

SiteServer 3.6.4 /siteserver/cms/backgroundcontentsGroup.aspx文件使用了位于/Bin/SiteServer.CMS.dll代码,在接收GroupName参数没有合适过滤,导致SQL注入漏洞。 0 SiteServer 3.6.4 升级到官方最新版: http://www.siteserver.cn...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2013/12/24 12:0 a.m.16 views

SiteServer 3.6.4 /siteserver/cms/background_contentsGroup.aspx SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2013/12/24 12:0 a.m.21 views

SiteServer 3.6.4 /siteserver/platform/background_dbSqlQuery.aspx SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2013/12/24 12:0 a.m.17 views

SiteServer 3.6.4 /siteserver/cms/background_mailSubscribe.aspx SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2013/12/13 12:0 a.m.50 views

SiteServer 3.6.4 /siteserver/userRole/background_administrator.aspx SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
Rows per page
Query Builder