6 matches found
Qibo CMS Video System: two SQL injection vulnerabilities in showsp.php and list.php
0x01 Vulnerability description: Two SQL injection vulnerabilities in showsp.php and list.php of the Qibo CMS video system. 0x02 Vulnerability details: video/member/special.php elseif$job=='addsp' if$step==2 $yz=$groupdbPassContributeSP||$webadmin?1:0; $db-query"INSERT INTO $prespecial fid , title , keywords , style , template , picurl , content , aids ,uid , username , posttime , list,...
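Qibo Video System: video/member/special.php SQL injection vulnerability
0x01 Vulnerability overview: In the Qibo video system, $TBpre is not initialized in the file /video/member/special.php; because qibo has pseudo-global variable registration, this results in SQL injection. 0x02 Vulnerability details: video/member/special.php elseif$job=="showBBSiframe" $rsdb=$db-getone"SELECT FROM $prespecial WHERE uid='$lfjuid' AND id='$id'"; if!$rsdb showerr"资料不存在",1; // Sort the posts within the special topic if$act=="order" unset$array; foreach...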
Qibo Video System special.php: SQL injection vulnerability in the aids parameter
0x01 Vulnerability overview: Latest version of Qibo Video; vulnerable file: video/member/special.php, where special topics are published. Key code: elseif$job=='addsp' if$step==2 $yz=$groupdbPassContributeSP||$webadmin?1:0; $db-query"INSERT INTO $prespecial fid , title , keywords , style , template , picurl , content , aids ,uid , username , posttime , list, allowpost, yz, banner...
SQL injection
Multiple SQL injection vulnerabilities in SenseSites CommonSense CMS allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) special.php, (2) article.php, or (3) cat2.php...
MAXcms 3.11.20b - Remote File Inclusion File Disclosure
MAXcms 3.11.20b - Remote File Inclusion File Disclosure MAXcms 3.11.20b RFI / File Disclosure Vulnerabilities I- Remote File Disclosure Vulnerabilities In /includes/inc.thcmsadmindirtree.php Code 22: if $GET"getjs"=="1" POC :...
MAXcms 3.11.20b - Remote File Inclusion / File Disclosure
MAXcms 3.11.20b RFI / File Disclosure Vulnerabilities I- Remote File Disclosure Vulnerabilities In /includes/inc.thcmsadmindirtree.php Code 22: if $GET"getjs"=="1" POC : http://localhost//microcms/includes/filemanager/special.php?fmincludesspecial=http://localhost/020.txt Thanx To ...