CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1 matches found

seebug.org•added 2009/05/28 12:0 a.m.•14 views

织梦(DedeCms) V 5.3 任意变量覆盖漏洞

看核心文件include/common.inc.php中的代码 //检查和注册外部提交的变量 foreach$REQUEST as $k=$v if strlen$k0 && eregi'^|cfg|GLOBALS',$k && !isset$COOKIE$k //程序员逻辑混乱了？ exit'Request var not allow!'; 这个地方可以通过提交COOKIE变量绕过cfg等关键字的过滤接着是注册变量的代码 foreachArray'GET','POST','COOKIE' as $request foreach$$request as $k = $v $$k =...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by