102 matches found
Discuz X2 SQL injection/Xpath latest vulnerability-vulnerability warning-the black bar safety net
| Vulnerability type: SQL injection/Xpath Request method: POST Affected page: http://127.0.0.1/member.php?mod=logging&action=login&loginsubmit=yes&infloat=yes&lssubmit=yes Parameters:username Parameters of the test: and 1=1 Attack details: username=1+and+1=1&cookietime=2 5 9 2 0 0...
Discuz X2 Safety study: SQL and XSS injection vulnerability 0day analysis-vulnerability warning-the black bar safety net
Recently, DiscuzX2 is out with two 0day, aSQL injectionvulnerability, an attacker can use this vulnerability to obtain the username and password, another is toXSSinjection vulnerabilities, the attacker can achieve the website hanging horse, Web sites, phishing and other acts, the current official...
Discuz! X2远程SQL注入漏洞
Discuz! X2在处理请求数据时存在SQL注入漏洞,远程攻击者可利用此漏洞非授权操作数据库。 漏洞存在于如下代码中: if!defined'INDISCUZ' exit'Access Denied'; define'NOROBOT', TRUE; @list$G'gpaid', $G'gpk', $G'gpt', $G'gpuid', $G'gptableid' = explode'|', base64decode$G'gpaid'; if!empty$G'gpfindpost' && $attach = DB::fetchfirst"SELECT pid, tid FROM...
Discuz! X2 Beta 存储型XSS
简要描述: Discuz! X2 Beta 存储型XSS 详细说明: Discuz! X2 Beta 【家园】相册描述 存储型XSS漏洞。 漏洞证明:...
CVE-2011-0454
Buffer overflow in the PPP Access Concentrator PPPAC on the SEIL/x86 with firmware 1.00 through 1.61, SEIL/B1 with firmware 1.00 through 3.11, SEIL/X1 with firmware 1.00 through 3.11, SEIL/X2 with firmware 1.00 through 3.11, SEIL/Turbo with firmware 1.80 through 2.10, and SEIL/neu 2FE Plus with...
Buffer overflow
Buffer overflow in the PPP Access Concentrator PPPAC on the SEIL/x86 with firmware 1.00 through 1.61, SEIL/B1 with firmware 1.00 through 3.11, SEIL/X1 with firmware 1.00 through 3.11, SEIL/X2 with firmware 1.00 through 3.11, SEIL/Turbo with firmware 1.80 through 2.10, and SEIL/neu 2FE Plus with...
CVE-2011-0454
SEIL Series routers (PPPoE PPPoE PPPAC) contain a buffer overflow vulnerability in the PPP Access Concentrator when processing PPPoE packets. Affected firmware ranges include SEIL/x86 1.00–1.61, SEIL/B1 1.00–3.11, SEIL/X1 1.00–3.11, SEIL/X2 1.00–3.11, SEIL/Turbo 1.80–2.10, and SEIL/neu 2FE Plus 1...
CVE-2010-2363
CVE-2010-2363 affects SEIL/X1, SEIL/X2, and SEIL/B1 routers (firmware 1.00–2.73). In strict mode, IPv6 Unicast Reverse Path Forwarding (RPF) fails to drop certain packets, potentially allowing remote spoofed-IP traffic to bypass access restrictions. Connected sources (NVD, JVN/JVNDB) confirm the ...
CVE-2009-4292
Buffer overflow in the URL filtering function in Internet Initiative Japan SEIL/X1, SEIL/X2, and SEIL/B1 firmware 2.40 through 2.51 allows remote attackers to execute arbitrary code via unspecified vectors...
Code injection
Internet Initiative Japan SEIL/X1, SEIL/X2, and SEIL/B1 firmware 2.30 through 2.51, when NAT is enabled, allows remote attackers to cause a denial of service system restart via crafted GRE packets...
CVE-2009-4292
CVE-2009-4292 corresponds to a buffer overflow in the URL filtering function of Internet Initiative Japan SEIL/X1, SEIL/X2, and SEIL/B1 firmware versions 2.40–2.51. The vulnerability may allow a remote attacker to execute arbitrary code when processing specially crafted URLs. Public details consi...
CVE-2008-2082
Cross-site scripting XSS vulnerability in index.php in Siteman 2.0.x2 allows remote attackers to inject arbitrary web script or HTML via the module parameter, which leaks the path in an error message...
CVE-2008-2082
Cross-site scripting XSS vulnerability in index.php in Siteman 2.0.x2 allows remote attackers to inject arbitrary web script or HTML via the module parameter, which leaks the path in an error message...
CVE-2008-2082
CVE-2008-2082: XSS vulnerability in Siteman 2.0.x2 (index.php) where an attacker can inject arbitrary script/HTML via the module parameter, with the error message leaking the path. Affected software is Siteman 2.0.x2; the vulnerability is triggered through the module parameter and is confirmed by...
CVE-2008-2081
Directory traversal vulnerability in index.php in Siteman 2.0.x2 allows remote authenticated administrators to include and execute arbitrary local files via a .. dot dot in the module parameter...
CVE-2008-1147
A certain pseudo-random number generator PRNG algorithm that uses XOR and 2-bit random hops aka "Algorithm X2", as used in OpenBSD 2.6 through 3.4, Mac OS X 10 through 10.5.1, FreeBSD 4.4 through 7.0, and DragonFlyBSD 1.0 through 1.10.1, allows remote attackers to guess sensitive values such as I...
Improper access control
Siteman 2.0.x2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing password hashes via a direct request for db/siteman/users.MYD...
CVE-2007-0594
Siteman 2.0.x2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing password hashes via a direct request for db/siteman/users.MYD...
CVE-2007-0594
Siteman 2.0.x2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing password hashes via a direct request for db/siteman/users.MYD...
siteman-pass.txt
-=--------------------ADVISORY-------------------=- Siteman 2.0.x2 Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: Siteman 2.0.x2 -=+ Version: 2.0.x2 -=+ Vendor's URL: http://home.no.net/siteman/ -=+ Platform: Windows\Linux\Unix -=+ Bug type:...