siteweaver 6.6 /reg/user_check.asp SQL注入漏洞

No description provided by source...

SiteWeaver 6.6 User_checkreg.asp SQL注入漏洞

No description provided by source...

Cross site scripting

Cross-site scripting XSS vulnerability in User/UserChkLogin.asp in PowerEasy 2006 and PowerEasy SiteWeaver 6.8 allows remote attackers to inject arbitrary web script or HTML via the ComeUrl parameter...

Move easy(PowerEasy) SiteWeaver "ComeUrl" Cross-Site Scripting Vulnerability-vulnerability warning-the black bar safety net

Move easyPowerEasy cross-site vulnerabilities Move easy SiteWeaver, it can be malicious people use to perform cross-site scripting attack vulnerability. Input passed to the"ComeUrl"in the User/UserChkLogin. asp does not properly handle the return to the user parameters. This can be used to perfor...

CVE-2010-1655

CVE-2010-1655 affects PowerEasy 2006 and PowerEasy SiteWeaver 6.8 via a cross-site scripting flaw in User/User_ChkLogin.asp, exploitable through the ComeUrl parameter to inject arbitrary script/HTML. The NVD entry lists a CVSSv2 base score of 4.3 (Medium) with network attack vector, requiring use...

动易(PowerEasy) SiteWeaver "ComeUrl" Cross-Site Scripting Vulnerability

动易SiteWeaver，它可以被恶意的人利用来进行跨站点脚本攻击漏洞。 输入传递到"ComeUrl"在User/UserChkLogin.asp中没有正确地处理返回给用户参数。这可以被用来执行在用户在受影响的浏览器会话中任意HTML和脚本代码。 这个安全漏洞在版本6.8报告。其它版本也可能受到影响。 PowerEasy SiteWeaver 6.x SEBUG临时解决办法 对User/UserChkLogin.asp,"ComeUrl"进行过滤处理 参考官方补丁 http://www.powereasy.net/...

siteweaver 6.6 dyna-page.asp Sql注入

No description provided by source...

动易SiteWeaver6.6注入漏洞Exploit

No description provided by source. script function gb2utf8data var glbEncode = ; gb2utf8data = data; execScript“gb2utf8data = MidBgb2utf8data, 1”, “VBScript”; var t=escapegb2utf8data.replace/%u/g,“”.replace/.2.2/g,“%$2%$1″.replace/%A-Z.%.2/g,“@$1$2″; t=t.split“@”; var i=0,j=t.length,k; while++ij...