2 matches found
狼邦内容管理系统SQL注入漏洞 /ztcx
LBCMS是贵州狼邦科技有限公司自主开发的一套CMS,中文软件名称为: 狼邦内容管理系统,版本目前是V8.0,开发语言: ASP.NET 4.0,数据库: SQL2005, 运行环境: Windows2003/NT系统+IIS6.0 ,主要应用于贵州或其它地区的政府、学校、企事业单位、个人网站建设。 LBCMS存在一处SQL报错注入漏洞: /Webwsfw/ztcx/?bh=1 测试案例: http://www.gzfwz.com/Webwsfw/ztcx/?bh=1 报错形式注入 sqlmap证明 !/usr/bin/env python coding: utf-8 from...
Apache vulnerabilities-after suffix name parsing vulnerability-vulnerability warning-the black bar safety net
We all know that windows2003 + IIS6. 0, if the directory structure has xxx. asp such a directory, then all the directory of the file regardless of the extension of what are as asp to parse. We generally call this the loophole for windows2003+iis6. 0 directory to resolve the vulnerability. Blog...