6 matches found
CTF-Web-Challenges
This is a PHP challenge where the goal is to get a shell on the server. The challenge is hosted on a Docker container, and the PHP code is written in a way that makes it difficult to execute arbitrary code. The challenge involves using the session.uploadprogress feature in PHP, which allows us to...
Remote Command Execution Vulnerability in extmail Mail System
ExtMail email system is divided into professional and open source version of the entry-level mail server. A remote command execution vulnerability exists in extmail email system. The vulnerability URL is: http://target/extmail/cgi/env.cgi, using the account login, you can execute system commands,...
用友某系统从弱口令到sql注射到getshell
简要描述: 弱口令、sql注射、getshell 详细说明: 系统地址: http://vip.ufida.com.cn/Frame/Index.aspx 弱口令帐号:adminnc 密码:adminnc 在自助查询处,发现注入(需要登录,注意cookie有时效) GET http://vip.ufida.com.cn/RepositorySearchInfo/DoctInfo.aspx?ReposID=38d4a08e-8b79-4de7-8566-30aecfb1d56f HTTP/1.1 Accept: text/html, application/xhtml+xml, /...
ecshop v2. 7 2 front Desk write shell vulnerability-vulnerability warning-the black bar safety net
0 2 0 3titleecshop v2. 7 2 front Desk write shell vulnerability by:xhm1n9/title 0 4form method="post" name="register" action="http://127.1/ecshop2.72/demo/index.php" 0 5h3ecshop v2. 7 2 front Desk write shell vulnerability/h3using the test: to submit twice, the second time the contents of any/br ...
ecshop v2. 7 2 demo/index. php file getshell vulnerabilities-vulnerability warning-the black bar safety net
//------------------------------------------------------------- Release date: 2010-11. 2 6 Publishing author: xhming Affected version: ecshop v2. 7 2 Official address: Vulnerability type: code execution Vulnerability description: Vulnerability analysis: demo/index.php if ! empty$POST'lang'...
iShowMusic V1. 2 direct write shell vulnerability-vulnerability warning-the black bar safety net
By qiur3n iShow Music is a basic set in the PHP+TXT online music player. The program uses text data stored in a way, without MYSQL database support, and the program code and interface templates separated, and easy to your music website interface to modify. Official website: http://www.ishowsky.cn...