CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1 matches found

seebug.org•added 2011/02/28 12:0 a.m.•20 views

bo-blog任意变量覆盖漏洞

// go.php $qurl=$SERVER"REQUESTURI"; @list$relativePath, $rawURL=@explode'/go.php/', $qurl; $rewritedURL=$rawURL; // 来自$SERVER"REQUESTURI",可以任意提交的: ... $RewriteRules="/component/^/+/?/"; // 这个正则限制的不够细致,可以很轻易的绕过: ... $RedirectTo="page.php?pagealias=\1"; $i=0; foreach $RewriteRules as $rule if...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by