CVE-2023-27844

SQL injection vulnerability found in PrestaShopleurlrewrite v.1.0 and before allow a remote attacker to gain privileges via the Dispatcher::getController component...

Bitrac 1.25.0.2500个人博客系统上传漏洞

Bitrac 正式版本，Bitrac 是基于 ASP.NET 2.0 + SQLite 的单用户博客程序，内置 URLRewrite 和页面压缩功能，支持 MetaWeblogAPI，自写的 HTML 模板引擎，方便修改风格，完全的可视化编辑环境。 首先说一下Bitrac在线升级顺序。 在后台请求 升级 Control.ashx Automat string sCode = SiteFun.RandomStr9; AdmStat.SetLockFilesCode; 在网站Errors目录随机生成一个.lock 文件,同时文件名记录在 Autoset.Cookie + "Lock"...

Unable to use HTTPS for login only

If you setup the urlrewrite.xml like so: noformat ^/s/.//download/images/^?. /images/$2 ^/s/.//^?. /$2 ^/login.action https https://localhost:8443/login.action ^/dologin.action https https://localhost:8443/dologin.action ^/. https /login.action. /dologin.action. /s/. http://localhost:8080/$...

Overwrite any file via desname in Oracle Reports

Name Overwrite any file via desname in Oracle Reports Systems Affected Oracle Reports 6.0, 6i, 9i, 10g Severity High Risk Category File overwrite Vendor URL http://www.oracle.com Author Alexander Kornbrust ak at red-database-security.com Date 19 July 2005 V 1.00 Advisory AKSEC2003-005 Inital bug...

Read parts of any file via desformat in Oracle Reports

Name Read parts of any file via desformat in Oracle Reports Systems Affected All version of Oracle Reports Severity Medium Risk Category Information disclosure Vendor URL http://www.oracle.com Author Alexander Kornbrust ak at red-database-security.com Date 19 July 2005 V 1.00 Advisory AKSEC2003-0...