ThinkSNS v3 /apps/page/Lib/Action/DiyAction.class.php 任意用户登陆+后台管理绕过

No description provided by source...

thinksns V3 getshell vulnerabilities attached to the use of the method-vulnerability warning-the black bar safety net

tick test re-test is that the results of the proceedings I applied for didn't let me into listening to friends say this I'll probably see you found a getshell Anyway all tested so many hackers surely by the time someone dug out might as well put out attachaction.class.php | 1 | public function...

ThinkSNS V3任意删除评论 微博 转发漏洞

简要描述： 今天注册的v3测试下功能 发现v3问题很多 主要是在没有验证权限，只是单纯的在js上进行验证，下面是测试截图。 详细说明： 删除前： 删除中 修改uid和微博id 删除后： 漏洞证明：...