5 matches found
Tr Forum 2.0 - SQL Injection / Bypass Security Restriction Exploit
No description provided by source. !/usr/bin/perl Affected.scr..: Tr Forum V2.0 Poc.ID........: 10060903 Type..........: SQL Injection, Bypass Security Restriction Risk.level....: Medium Vendor.Status.: Unpatched Src.download..: comscripts.com/scripts/php.tr-forum.1579.html Poc.link......:...
TR Forum SQL注入及认证绕过漏洞
Tr Forum是一款法语的论坛程序。 Tr Forum中的多个漏洞允许恶意用户执行SQL注入攻击和绕过某些安全限制。 1 admin/insertadmin.php文件中缺少认证,允许创建拥有有限权限的管理员帐号。 2 没有正确过滤对admin/editer.php文件中id2参数的输入,允许攻击者通过注入任意SQL代码操控SQL查询。成功攻击要求某些管理权限。 3 在更新配置文件时缺少访问验证,允许通过更改id参数修改其他用户的设置。 组合使用1和2所述漏洞允许以完全权限访问管理部分。 Tr Forum Tr Forum 2.0 我们建议使用此软件的用户随时关注厂商的主页以获取最新版...
trforum20.txt
!/usr/bin/perl Affected.scr..: Tr Forum V2.0 Poc.ID........: 10060903 Type..........: SQL Injection, Bypass Security Restriction Risk.level....: Medium Vendor.Status.: Unpatched Src.download..: comscripts.com/scripts/php.tr-forum.1579.html Poc.link......: acid-root.new.fr/poc/10060903.txt...
Tr Forum 2.0 SQL Injection / Bypass Security Restriction Exploit
Exploit for unknown platform in category web applications ================================================================ Tr Forum 2.0 SQL Injection / Bypass Security Restriction Exploit ================================================================ !/usr/bin/perl Affected.scr..: Tr Forum V2.0...
Tr Forum 2.0 SQL Injection / Bypass Security Restriction Exploit
No description provided by source. !/usr/bin/perl Affected.scr..: Tr Forum V2.0 Poc.ID........: 10060903 Type..........: SQL Injection, Bypass Security Restriction Risk.level....: Medium Vendor.Status.: Unpatched Src.download..: comscripts.com/scripts/php.tr-forum.1579.html Poc.link......:...