Lucene search
K
Myhack58Most viewed

7620 matches found

myhack58
myhack58
added 2011/06/19 12:0 a.m.24 views

PHP168 V6. 0 2 /member/post. php code execution vulnerability Xday-vulnerability warning-the black bar safety net

PHP168 whole Station is the PHP field of the current most powerful build system, The code is all open source, can be extremely convenient for secondary development, all modules can be freely installed and removed, the individual user is completely free to use. PHP168 in an array without the first...

1.7AI score
Exploits0
myhack58
myhack58
added 2011/05/15 12:0 a.m.24 views

Q8portals SQL injection vulnerability-vulnerability warning-the black bar safety net

Vulnerability description: Q8portals is a foreign of asp content management system, due to design flaws, leading tosql injectionvulnerability Vulnerability type: sql injection, ascript injection, blind injection, injection vulnerabilities Google keywords: intext:Powered by: q8portals.com...

0.3AI score
Exploits0
myhack58
myhack58
added 2011/05/15 12:0 a.m.24 views

Profshop SQL injection vulnerability-vulnerability warning-the black bar safety net

Vulnerability description: Profshop cmsdisplay.phpsince the filter is not strict, resulting in sql blind injection vulnerability. Vulnerability type: sql injection, ascript injection, blind injection, injection vulnerabilities Vulnerability Publisher/date: Caddy-Dz/2011-05-14 Google keywords:...

0.3AI score
Exploits0
myhack58
myhack58
added 2011/05/07 12:0 a.m.24 views

dhtml-menu-builder universal password and XSS cross-site vulnerabilities-vulnerability warning-the black bar safety net

Vulnerability Description: from abroad dhtml-menu-builder Auth bypass and Persistent xss; official website http://dhtml-menu-builder. com/; the system there is a serious background administrator authentication bypass vulnerability, as well asXSScross-site vulnerabilities. Publisher/date:...

0.7AI score
Exploits0
myhack58
myhack58
added 2011/04/23 12:0 a.m.24 views

PHPBoost 3.0 backup vulnerability-vulnerability warning-the black bar safety net

Title : PHPBoost 3.0 Remote Download Backup Vulnerability Author : KedAns-Dz E-mail : [email protected] Home : HMD/AM 30008/04300 - Algeria -0 0 2 1 3 5 5 5 2 4 8 7 0 1 Twitter page : twitter.com/kedans platform : php Impact : Download Backup Database . sql File Tested on : Windows XP sp3 FR Note...

1.7AI score
Exploits0
myhack58
myhack58
added 2011/01/26 12:0 a.m.24 views

Hearing the wind television system registry injection and tasteless of the anti-injection-vulnerability warning-the black bar safety net

Publishing author: LinkEr Affected versions: rapid-wind film and television system Official website: http://www.gxwglm.com Vulnerability type: SQL injection Vulnerability description: news air television system there is more thanSQL injectionvulnerabilities. 1. Register at injection:...

0.5AI score
Exploits0
myhack58
myhack58
added 2011/01/11 12:0 a.m.24 views

Discuz non-founder administrator code execution-vulnerability warning-the black bar safety net

| by:alibaba global.func.php function sendpm$toid, $subject, $message, $fromid = " 0 2 if$fromid === " 0 3 requireonce DISCUZROOT.'./ ucclient/client.php'; 0 4 $fromid = $discuzuid; 0 5 0 6 if$fromid 0 7 ucpmsend$fromid, $toid, $subject, $message; 0 8 else 0 9 global $promptkeys; 1 0...

0.4AI score
Exploits0
myhack58
myhack58
added 2011/01/01 12:0 a.m.24 views

WordPress 3.0.4 stored XSS-vulnerability warning-the black bar safety net

WordPress is a PHP language development of the popular blogging platform, WordPress 3.0.4 treatment comments the presence of the storage typeXSSvulnerabilities, successful exploitation of the vulnerability could lead to session information leakage, which may lead to elevation of privileges. In...

6.9AI score
Exploits0
myhack58
myhack58
added 2010/12/16 12:0 a.m.24 views

shopex. cn 3 source code download, leak of sensitive information vulnerability and the Fix-vulnerability warning-the black bar safety net

Brief Description: can be URL Direct Download or view the Web App directory structure, source code, Subversion server address, permission to modify the program of the account and other information. Vulnerability to prove: Solution: delete/filter all . svn directory, to restrict access . svn...

7.1AI score
Exploits0
myhack58
myhack58
added 2010/10/21 12:0 a.m.24 views

Ecshop2. 7. 2 persistent XSS to obtain administrator account-the vulnerability warning-the black bar safety net

Vulnerability details Brief description: Personal data changes, the Javascript code for the filter are not stringent enough, theXSSthe code directly into the database Detailed description: ! Password protection question this one, not using the regular filter, the other has the regular filter. We...

0.3AI score
Exploits0
myhack58
myhack58
added 2010/10/02 12:0 a.m.24 views

MyPhpAuction 2 0 1 0 SQL injection vulnerability-vulnerability warning-the black bar safety net

MyPhpAuction 2 0 1 0 productdesc. the php pageSQL injectionattacks can obtain user account passwords. http://www.myhack58.com/productdesc.php?id=-5+union+all+select+1,2,concatadminname,0x3a,pwd,4,5,6,7,8,9,1 0,1 1,1 2,1 3,1 4,1 5,1 6,1 7,1 8,1 9,2 0,2 1,2 2,2 3,2 4,2 5,2 6,2 7,2 8,2 9,3 0,3 1,3 2...

1AI score
Exploits0
myhack58
myhack58
added 2010/09/15 12:0 a.m.24 views

SiteEngine CMS 5.1.0 file upload vulnerability-vulnerability warning-the black bar safety net

Website engineSiteEngine,name: Boca website, the engine management system, The Beijing Boca vanguard Software Development Co., Ltd. in 2 0 0 2-year independent research and development, with intellectual property rights of a marketing type website construction management class software. At the sa...

0.1AI score
Exploits0
myhack58
myhack58
added 2010/09/14 12:0 a.m.24 views

ecshop the latest storm path oday-vulnerability warning-the black bar safety net

Brief description: /affiche.php,php5 environmental error exposure program path, php4 environment to display the written information Detailed description: the charset parameter is not to do rigorous filtration result in an http message header truncated written Vulnerability to prove:...

0.2AI score
Exploits0
myhack58
myhack58
added 2010/08/02 12:0 a.m.24 views

ECSHOP search injection vulnerability using exp and a background to take the shell-vulnerability warning-the black bar safety net

这个 是 search.php exp variants search.php? encode=YToxOntzOjQ6ImF0dHIiO2E6MTp7czoxmju6ijenksbhbmqgmt0yiedst1vqiejzigdvb2rzx2lkihvuaw9uigfsbcbzzwxly3qgy29uy2f0khvzzxjfbmftzswwednhlhbhc3n3b3jklccixccpihvuaw9uihnlbgvjdcaxiyinkswxigzyb20gzwnzx2fkbwlux3vzzxijijtzoje6ijeio319 Take SHELL landing in the...

0.3AI score
Exploits0
myhack58
myhack58
added 2010/07/27 12:0 a.m.25 views

Hua-speed online trading platform oday-vulnerability warning-the black bar safety net

Hua-speed online trading platform oday program: China speed online trading platform Vulnerability description:upload, storm library google keywords: inurl:listbuy. asp? class1 EXP test: Copy the code save it as html file html head meta http-equiv="Content-Type" content="text/html; charset=gb2312"...

Exploits0
myhack58
myhack58
added 2010/07/23 12:0 a.m.24 views

the windows shortcut file execution vulnerability and Defense strategies-vulnerability warning-the black bar safety net

Recently this loophole relatively fiery, simple to say is to construct a malicious shortcut can execute the file code. The vulnerability relates to XP, Vista, Win7, etc. almost all Windows platforms, U disk, mobile phone, digital camera, iPod, etc. all USB devices will become the Trojan of the...

0.1AI score0.91324EPSS
Exploits13
myhack58
myhack58
added 2010/07/22 12:0 a.m.24 views

Max CMS2. 0beta (maxcms)SQL injection and administrator authentication bypass vulnerability-vulnerability warning-the black bar safety net

This system was internally very popular video-on-demand system, before 1. 5 version vulnerability very much, the 2.0 version in terms of security has improved, but still there are loopholes exist. Look at the code \inc\ajax. asp dim action : action = getForm"action", "get" response. Charset="gbk"...

7.7AI score
Exploits0
myhack58
myhack58
added 2010/07/16 12:0 a.m.24 views

ECMall 2.2 app/groupbuy.app.php delay injection vulnerability-vulnerability warning-the black bar safety net

ECMall community e-Commerce systemreferred to as ECMallis Shanghai commercial school network Technology Co., Ltd. following the ECShop after the launch of yet another e-Commerce sister product app\groupbuy. app. php:2 6: function index $id = empty$GET'id' ? 0 : $GET'id'; //id not filtered if !$ i...

0.3AI score
Exploits0
myhack58
myhack58
added 2010/07/05 12:0 a.m.24 views

Wind news site management system any changes to password vulnerabilities-vulnerability warning-the black bar safety net

FoosunCMS is a powerful feature of based on ASP+ACCESS/MSSQL architecture of content management software. Vulnerability analysis: In the file\User\ GetPassword. asp: ElseIf Request. Form"Action" = "step3" then //first 2 Line 8 Call step3 ...... Sub step3 //the 1 9 8 row Dim ppassnew,pconfimpassne...

0.7AI score
Exploits0
myhack58
myhack58
added 2010/05/14 12:0 a.m.24 views

OK3W article management system vulnerability 0day-vulnerability warning-the black bar safety net

OK3W is a set of articles management system, the entire system of the program structure is based on a custom class to achieve, very creative o∩∩o...security is still relatively good, the current free version 4. 7 The existence of this vulnerability, the official website may also exist, but don't...

7.3AI score
Exploits0
myhack58
myhack58
added 2010/05/12 12:0 a.m.24 views

FCKeditor upload vulnerability find upload path-vulnerability warning-the black bar safety net

Online popular The is upload is like this http://localhost/fckeditor/editor/filemanager/browser/default/browser.html?Type=Image&Connector=../../connectors/asp/connector. asp...

0.7AI score
Exploits0
myhack58
myhack58
added 2010/04/19 12:0 a.m.24 views

The use of PMK Hashes for the WPA/WPA2 high-speed hack-vulnerability warning-the black bar safety net

Author: Christopher Yang This article relates to the Hash key based on the Cowpatty under the genpmk tool to make, this is the ZerOnesecurityteam is the wireless security group by with Aircrack-ng airolib-ng and related tools of convenience, versatility and repeated the comparison after the final...

1.6AI score
Exploits0
myhack58
myhack58
added 2010/04/14 12:0 a.m.24 views

Simple forged X-Forwarded-For-bug warning-the black bar safety net

On the forged X-Forwarded-For purposes I will not say more. In the invasion of a PHP station, the GPC is ON, Character type injection all., while in PHP5, the GPC the default is open. But GPC for$SERVER without any effect, So you can fake the$SERVER to achieve the injection to the purpose. IP. in...

7.5AI score
Exploits0
myhack58
myhack58
added 2010/04/03 12:0 a.m.24 views

Do all in cmd shell!- Vulnerability warning-the black bar safety net

Do all in cmd shell! Directory 1, Preface 2, The file transmission 3, The system configuration 4, the network configuration 5, software installation 6, Windows Script 7, The accompanying statement Foreword Cmd Shellcommand line interactionis a hack eternal topic, it is the historic and enduring i...

7.7AI score
Exploits0
myhack58
myhack58
added 2010/03/25 12:0 a.m.24 views

Internet Explorer 7.0 0day-vulnerability warning-the black bar safety net

script language="javascript" ifnavigator. userAgent. toLowerCase. indexOf"msie 7"==-1location. replace"about:blank"; function sleepmilliseconds var start=new Date. getTime; forvar i=0;i1e7;i++ ifnew Date. getTime-startmilliseconds break function spraysc var infect=unescapesc...

1.4AI score
Exploits0
myhack58
myhack58
added 2010/03/20 12:0 a.m.24 views

Wind noise(FoosunCMS) 5.0 Error. asp error page cross-site scripting vulnerability (figure a-vulnerability warning-the black bar safety net

FoosunCMS is a powerful feature of based on ASP+ACCESS/MSSQL architecture of content management software, the leading domestic the first open source, integrated web2. 0 elements, modular CMS built Station system. FoosunCMS incorrectly filtered user input, a remote attacker could exploit the...

6.5AI score
Exploits0
myhack58
myhack58
added 2010/03/11 12:0 a.m.24 views

Security Wei Bo imitation Taobao multi-user Mall program v7. 2 vulnerability-vulnerability warning-the black bar safety net

==Estimation of many a fancy to Taobao guest number of procedures. A relatively simple system. Program all types of variables are character type, use the Password = replacerequest. form"password","'","" a similar such statement to filter single quotes, and don't know which bit of large cattle hav...

0.6AI score
Exploits0
myhack58
myhack58
added 2010/03/03 12:0 a.m.24 views

MySITES3. 0 site navigation system remote include vulnerability-vulnerability warning-the black bar safety net

Because the function is not initialized, leading to function can be any of the included files; 1, The registerglobal=On 2, The allowurlfopen = On 然后 即可 包含 Poc:www.r0expeR.Net/index.php?pathdir=http://www.r0expeR.Net/xx.txt ? php $poc = $GET'pathdir'; echo requireonce$poc; poc:http://www. r0expeR...

0.5AI score
Exploits0
myhack58
myhack58
added 2010/02/27 12:0 a.m.24 views

Remote included and local contain vulnerabilities principle-vulnerability warning-the black bar safety net

First, let's discuss the include file vulnerability,the first thing to ask is,what is"remote file inclusion vulnerability"for? The answer is: the server through the php properties of a function to contain any files, since you want to include this file source filter is not strict, so can go to tha...

7.3AI score
Exploits0
myhack58
myhack58
added 2010/02/25 12:0 a.m.24 views

ESCMS vulnerability website system 0day-vulnerability warning-the black bar safety net

Version:ESCMS V1. 0 SP1 Build 1 1 2 5 Background login authentication is through the admin/check. asp achieved,look at the code % if Request. cookiesCookiesKey"ESadmin"="" then 'Note that here Oh,he is by COOKIE validation ESadmin is empty,we can forge a value,called he is not empty 'CookiesKey i...

7.3AI score
Exploits0
myhack58
myhack58
added 2010/02/23 12:0 a.m.24 views

On the php local includes-vulnerability warning-the black bar safety net

Would have thought it struck gold with a black brother after the Exchange found can only be applied to the Win32 platform, so this BUG might of the storm reduced, the basic not much harm, because in the WIN32 platform using PHP too. include $GETfile.”. php”; Previously we used a%0 0 to cut off, n...

7.3AI score
Exploits0
myhack58
myhack58
added 2010/01/27 12:0 a.m.24 views

Another to bypass the firewall method-vulnerability warning-the black bar safety net

Using the Http channel software can break through the firewall restrictions, the use of only Http access permissions access to other Internet applications. So what is the channel? Here the so-called channel refers to a method to bypass the firewall port shield means of communication. The firewall...

6.9AI score
Exploits0
myhack58
myhack58
added 2010/01/20 12:0 a.m.24 views

0day sogou input method loopholes to gain system permissions-bug warning-the black bar safety net

Unintentionally found a very serious vulnerability, and the year 3 3 8 9 input loophole similar. However, temporary does not affect the not system is not loaded sogou input method, not login system. If the remote server installed sogou, the login system is loaded after the search dogs, but not...

1.1AI score
Exploits0
myhack58
myhack58
added 2010/01/10 12:0 a.m.24 views

On a national content-filtering system Dos security defect analysis-vulnerability warning-the black bar safety net

Author: jianxin 80sec EMail: jianxin80sec.com Site: http://www.80sec.com Date: 2009-1-2 From: http://www.80sec.com/release/dos-with-XXX.txt Directory 0×0 0 Preface 0×0 1 know it, understand this content filtering system 0×0 2 Hack it, the firewall class ids of some security research 0×0 3 somethi...

6.6AI score
Exploits0
myhack58
myhack58
added 2009/11/17 12:0 a.m.24 views

PHP and ASP upload vulnerability exploit-vulnerability warning-the black bar safety net

1 pass exploit the principles just for the form format of the upload of asp and php scripts ncnetcat For the submission packet the dos interface to run under: nc-vv www.. com 8 01.txt -vv: echo 8 0: the www port 1.txt: is your data packet to be transmitted use of more methods, please check this...

7.2AI score
Exploits0
myhack58
myhack58
added 2009/11/15 12:0 a.m.24 views

From download. jsp to the root-vulnerability warning-the black bar safety net

The pain of belief According to this structure:'//union//select//1,'admin','admin',1,1,1-password any %@ page import="java. util., java. io."%& gt; % % %-- abysssec inc public material just upload this file with abysssec. jsp and execute your command your command will run as administrator . you c...

0.3AI score
Exploits0
myhack58
myhack58
added 2009/11/13 12:0 a.m.24 views

Discuz! NT 3.0 special circumstances the use of vulnerability-vulnerability warning-the black bar safety net

Test environment: WINDOWS2003+IIS6 Vulnerability version:3.0.0 The use of the process: Prepare a Only ASP. Encrypted named:smxiaoqiangcn. asp Open forum - landing on a post of the account - any area posted by - pointbulk upload You will be prompted to install a Microsoft Silverlight...

Exploits0
myhack58
myhack58
added 2009/11/05 12:0 a.m.24 views

For Kaspersky 2 0 1 0 the free kill study-vulnerability warning-the black bar safety net

Article author: chinafe For Kaspersky 2 0 1 0free to killresearch Kaspersky 2 0 1 0 for digital signing and System File Protection becomes very strict, the registry does not say that after so many years the upgrade is basically no use value, Kaspersky 2 0 1 0 the previous version can modify the...

Exploits0
myhack58
myhack58
added 2009/09/21 12:0 a.m.24 views

Four of the General government, CMS management system vulnerability-vulnerability warning-the black bar safety net

This article has been published in the hack Defense 2 0 0 9. 5 period of,reproduced be sure to keep this information QQ friends of small building to listen to rain to say their school site is using the four through the government grid is set, let me check its safety. Just the hands on work done,...

7.2AI score
Exploits0
myhack58
myhack58
added 2009/09/05 12:0 a.m.24 views

Let the administrator help you restart the machine-vulnerability warning-the black bar safety net

Let the administrator help you restart the machine Sometimes, we go through the database backup a batch to the Startup menu, you want the server on the next restart to run our batch processing. But we, Ah, etc., the server is not restarting, what should I do? Allow administrator to help us restar...

7.8AI score
Exploits0
myhack58
myhack58
added 2009/08/05 12:0 a.m.24 views

Analysis of the asp version of ewebeditor online editor-vulnerability warning-the black bar safety net

Ewebeditor editor is currently divided into asp, aspx, php, jsp four types of programs, various types of ewebeditor version many, powerful quite receiving the user favorite, in domestic use is extremely broad. For the current asp version of the ewebeditor editor vulnerability is mainly divided in...

7.7AI score
Exploits0
myhack58
myhack58
added 2009/06/07 12:0 a.m.24 views

UDEV local overflow exploit hand-vulnerability warning-the black bar safety net

Authors: professional owe money This time UDEV overflow vulnerability is to fire, on the virtual machine do the following test and found that indeed very easy to use. Looks like a pass to kill a wide range of 1. saved as a shell file, you can also casually named, for example, I later named a 2...

7.7AI score
Exploits0
myhack58
myhack58
added 2009/05/15 12:0 a.m.24 views

ShellCode writing example-break through the firewall to the ShellCode-exploit warning-the black bar safety net

Text/figure ww0830 Now on the network to get the console ShellCode either on the target machine to open a port, wait for the attacker is connected; either let the target machine actively connected to the attacker's host, commonly known as a reverse connection. But the former method will generally...

7.2AI score
Exploits0
myhack58
myhack58
added 2009/05/12 12:0 a.m.24 views

The legend of the ASP Backdoor-vulnerability warning-the black bar safety net

If Request"pwd"=Userpwd or Request"pwd"="hxhack" then Session"mgler"=Userpwd Today saw the ASP to see their collection of a little basic and the code knows it is to see so the sentence there should be excess Look at the code I've never seen such a written Request"pwd"="hxhack” might be too dish u...

7.4AI score
Exploits0
myhack58
myhack58
added 2009/03/29 12:0 a.m.24 views

Break the TCP/IP filtering to 3 3 8 9 terminal login-vulnerability warning-the black bar safety net

We have to do is Export his registry of the three, the change after the import you can, Back to the Wscript. The Shell window execute the cmd command: D:\a004\tggtwe\. com\UploadSoft\test.exe "regedit-e D:\a004\tggtwe\. com\UploadSoft\1. reg HKEYLOCALMACHINE\SYSTEM\ControlSet001\Services\Tcpip"...

0.6AI score
Exploits0
myhack58
myhack58
added 2009/03/19 12:0 a.m.24 views

Break IE security restrict access to the iframe sub-frame within the local cookie-vulnerability warning-the black bar safety net

Author: aullik5 Today this article is mainly to say the following so a few things: 1. iframe limitations 2. Break the iframe to get the local cookie ideas 3. Use Cross Iframe Trick breakthrough iframe security restrictions My test environment is: IE 7 7.0.5730.13 All of the following content all...

6.8AI score
Exploits0
myhack58
myhack58
added 2009/03/17 12:0 a.m.24 views

IPC$ Password Crack-the-BAT-vulnerability warning-the black bar safety net

Author: TheLostMind Sometimes in the broiler below want to a whole other chickens, with SOCK5 reverse proxy, cumbersome and slow, there are N multi-threaded IPC$password crack tool, but the others filled with soft kill wow, make afree to killIntuit trouble, the city's use cow knife, a little soft...

0.3AI score
Exploits0
myhack58
myhack58
added 2009/03/05 12:0 a.m.24 views

For the Oracle TNS listener attack methods of finishing-vulnerability warning-the black bar safety net

First, depending on the version, the TNS listener may be more susceptible to a variety of types of buffer overflow attacks, these attacks can be in does not provide a user ID and password to be used. For example: in oracle 9i, when a client requests a long servicename,are vulnerable to overflow...

1.3AI score
Exploits0
myhack58
myhack58
added 2009/02/02 12:0 a.m.24 views

53KF online customer service system XSS vulnerability-vulnerability warning-the black bar safety net

Author: xushaopei About 53KF: Online customer service(WWW.53KF.COM is the leading site online customer service system, by the six degrees company, the investment founded, is committed to the achievement of the largest web dialogue tool provider. There have been 2 2 million site users in the use o...

0.1AI score
Exploits0
myhack58
myhack58
added 2009/01/07 12:0 a.m.24 views

Discuz! 6. x/7. x SODB-2 0 0 8-1 3 Exp full automatically obtain the SHELL with the log-vulnerability warning-the black bar safety net

================Discuz.php========================= !/ usr/bin/php ? php / Discuz! 6. x/7. x SODB-2 0 0 8-1 3 Exp By www.80vul.com Notes the value of the variable, add your own modifications / if $argc3 printr' -------------------------------------------------------------------------------- Usage...

6.9AI score
Exploits0
Total number of security vulnerabilities5000