Lucene search
K
SeebugMost viewed

56796 matches found

seebug.org
seebug.org
added 2010/01/10 12:0 a.m.315 views

phpwind 7.5 apps/share/index.php远程包含漏洞

PHPWind 论坛系统 是一套采用 php+mysql 数据库 方式运行并可生成 html 页面的全新且完善的强大系统。因具有非凡的访问速度和卓越的负载能力而深受国内外朋友的喜爱。 Zoomeye Dork apps/share/index.php 里$route和$basePath变量没有初始化,导致远程包含或者本地包含php文件,导致执行任意php代码 ?php if $route == "share" requireonce $basePath . '/action/mshare.php'; elseif $route == "sharelink" requireonce...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/02/20 12:0 a.m.315 views

Microsoft IIS文件更改通知本地权限提升漏洞(MS08-005)

BUGTRAQ ID: 27101 CVECAN ID: CVE-2008-0074 Microsoft Internet信息服务(IIS)是Microsoft Windows自带的一个网络信息服务器,其中包含HTTP服务功能。 IIS处理FTPRoot、NNTPFile\Root和WWWRoot文件夹中文件变化通知的方式存在本地权限提升漏洞,成功利用这个漏洞的攻击者可以在本地系统安全环境中执行任意指令。 Microsoft IIS 7.0 Microsoft IIS 6.0 Microsoft IIS 5.1 Microsoft IIS 5.0 临时解决方法: 在Windows...

7.2CVSS6.4AI score0.05405EPSS
Exploits1
seebug.org
seebug.org
added 2015/09/09 12:0 a.m.314 views

施耐德(Schneider) PLC 以太网模块固件后门

通过分析设备固件可以得知,文件系统中包含硬编码方式保存的用户凭证信息。 这些信息主要用于提供对外的FTP服务升级服务。 其中,问题代码位于/FLASH0/wwwroot/classes/SACommjar 包中,具体的Package路径: com.schneiderautomation.misc.TextFiles的第266行至268行位置。 package com.schneiderautomation.misc; import com.schneiderautomation.ftpsession.FTPSession; import...

10CVSS6.5AI score0.0404EPSS
Exploits1
seebug.org
seebug.org
added 2013/11/05 12:0 a.m.314 views

xampp 1.7.3 /xampp/showcode.php 任意文件下载漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2009/08/27 12:0 a.m.312 views

FreeBSD ftpd 'setusercontext()'远程特权提升漏洞

Bugraq ID: 36119 FreeBSD是一款开放源代码基于BSD的操作系统。 FreeBSD 'ftpd'存在远程特权提升问题,远程攻击者可以利用漏洞突破chroot封锁获得系统敏感信息或进行拒绝服务攻击。 BSD传承的操作系统一般都包含用于设置用户上下文的函数,如 FreeBSD 5.0和7.0包含的setusercontext函数: setusercontextlc, pw, uidt0, LOGINSETLOGIN|LOGINSETGROUP|LOGINSETPRIORITY| LOGINSETRESOURCES|LOGINSETUMASK;...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.310 views

SoX - (.wav) Local Buffer Overflow Exploiter

No description provided by source. //--------------------------------- Begin Code: sox-exploiter.c --------------------------------- / Copyright Rosiello Security 2004 http://www.rosiello.org CVE Reference: CAN-2004-0557 Bug Type: Stack Overflow Date: 01/08/2004 Ulf Harnhammar reported that there...

10CVSS0.2508EPSS
Exploits7
seebug.org
seebug.org
added 2009/08/06 12:0 a.m.309 views

Apple Mac OS X 2009-003修补多个安全漏洞

Bugraq ID: 35954 CVE ID:CVE-2009-1723 CVE-2009-1726 CVE-2009-1727 CVE-2009-0151 CVE-2009-1728 CVE-2009-2188 CVE-2009-2190 CVE-2009-2191 CVE-2009-2192 CVE-2009-2193 CVE-2009-2194 CNCVE ID:CNCVE-20091723 CNCVE-20091726 CNCVE-20091727 CNCVE-20090151 CNCVE-20091728 CNCVE-20092188 CNCVE-20092190...

10CVSS0.09454EPSS
Exploits5
seebug.org
seebug.org
added 2006/12/06 12:0 a.m.309 views

Artlinks MosConfig_Absolute_Path远程文件包含漏洞

Mambo Artlinks是一款基于Mambo的链接应用程序。 Mambo Artlinks不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是'artlinks.dispnew.php'脚本对用户提交的"mosConfigabsolutepath"参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 Mambo Artlinks Component http://mamboxchange.com/projects/mambatstaff/...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2018/02/02 12:0 a.m.308 views

PHP CVE-2018-5711 - Hanging Websites by a Harmful GIF

Recently, I reviewed several Web frameworks and language implementations, and found some vulnerabilities. This is an simple and interesting case, and seems easy to exploit in real world! Affected All PHP version PHP 5 firstcode = sd-oldcode = 461 GetCodefd, &sd-scd, sd-codesize, FALSE,...

6.6AI score0.13204EPSS
Exploits1
seebug.org
seebug.org
added 2009/07/07 12:0 a.m.308 views

Apache mod_proxy反向代理拒绝服务漏洞

BUGTRAQ ID: 35565 CVECAN ID: CVE-2009-1890 Apache HTTP Server是一款流行的Web服务器。 如果配置了反向代理的话,在Apache HTTP Server的modproxy模块中,modproxyhttp.c的streamreqbodycl函数没有正确地处理数量超过了 Content-Length值的流数据。远程攻击者可以通过向受影响的代理进程发送特制的请求导致耗尽大量的CPU资源。 Apache 2.2.x 厂商补丁: Apache Group ------------...

7.1CVSS7.6AI score0.16159EPSS
Exploits2
seebug.org
seebug.org
added 2018/04/18 12:0 a.m.307 views

Weblogic反序列化远程代码执行漏洞(CVE-2018-2628)

Oracle WebLogic Server has CVE-2018-2628 CVSS Base Score: 9.8 – Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Core Components. Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. The easily exploitable...

7.5CVSS3.2AI score0.99448EPSS
Exploits69
seebug.org
seebug.org
added 2006/10/25 12:0 a.m.307 views

Cisco IOS GRE报文路由选项解析溢出漏洞

Cisco互联网操作系统(IOS)是Cisco设备所使用的操作系统。 Cisco Systems IOS在解析包含有GRE源路由信息的GRE报文时存在漏洞,远程攻击者可能导致设备处理报文出错。 如果收到了特制的GRE报文的话,IOS设备没有验证偏移字段是否指向报文内,如果偏移值被设置为负值,IOS直接从包含有IP报文全长的整数中减去了偏移,导致缓冲区访问越界溢出。这可能导致将报文环缓冲区(ring buffer)的其他内存内容解释为负载IP报文并以很大的长度信息重新注入到路由队列中: GRE decapsulated IP 0.3.74.0-0.0.1.30 len=65407,...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2017/09/20 12:0 a.m.305 views

Apps industrial OT over Server: Anti-Web Local File Inclusion(CVE-2017-9097)

Exploit Title: Apps industrial OT over Server: "Anti-Web 3.x.x 3.8.x" vuln: Local File Inclusion Date: 15/05/2017 Exploit Author: Bertin Jose @bertinjoseb && Fernandez Ezequiel @capitanalfa Vendor: Multiples vendors Category: Industrial OT webapps + DESCRIPTION: vulnerability: LFI Local File...

10CVSS9.4AI score0.03731EPSS
Exploits3
seebug.org
seebug.org
added 2015/09/21 12:0 a.m.305 views

Nibbleblog 4.0.3 admin.php CSRF

No description provided by source. this." document.getElementById"myForm".submit;...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.305 views

Plesk < 9.5.4 - Zeroday Remote Exploit

No description provided by source. Plesk Apache zeroday / June 2013 discovered & exploited by kingcope this Plesk configuration setting makes it possible: scriptAlias /phppath/ /usr/bin/ Furthermore this is not cve-2012-1823 because the php interpreter is called directly. no php file is called...

7.5CVSS10AI score0.99998EPSS
Exploits42
seebug.org
seebug.org
added 2012/01/31 12:0 a.m.305 views

Apache Tomcat 7.0.0-7.0.21,6.0.30-6.0.33 安全绕过漏洞导致信息泄露

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2011/05/04 12:0 a.m.305 views

Linux Kernel DRM IOCTL本地内存破坏漏洞

Bugtraq ID: 47639 CVE ID:CVE-2011-1013 Linux是一款开放源代码的操作系统。 drmmodesetctl没有正确校验输入参数。这个问题是因为crtc变量为符号类型,向modeset参数结构传递足够大的值会以负数处理,并且可绕过之后正确的范围检查。此变量之后用于索引变量,可导致越界写入零整数。 SuSE SUSE Linux Enterprise High Availability Extension 11 SP1 SuSE SUSE Linux Enterprise Desktop 11 SP1 SuSE openSUSE 11.4 OpenBSD...

7.2CVSS0.6AI score0.0041EPSS
Exploits2
seebug.org
seebug.org
added 2008/01/29 12:0 a.m.305 views

bubbling library 1.32 dispatcher.php Remote File Disclosure Vulnerabilities

No description provided by source. bubbling library v1.32 Remote File Disclosure Vulnerabilities Download script : http://sourceforge.net/project/showfiles.php?groupid=192730 Author : Stack-Terrorist v40 Email : [email protected] Home : http://www.v4-team.com exploit : http://localhost/ script...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/07/11 12:0 a.m.304 views

WordPress-Mailpress action.php a remote code execution vulnerability

Details source: Heavenly lab Description Mailpress is one of the more popular mail plugin. Plugin Directory: https://wordpress.org/plugins/mailpress/ Official website: http://blog.mailpress.org This vulnerability has been in the 2016 06 on 21 may communicate the information to wordpress. 0x01...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2014/10/10 12:0 a.m.304 views

OpenVPN 2.2.29 - ShellShock Exploit

No description provided by source. Exploit Title: ShellShock OpenVPN Exploit Date: Fri Oct 3 15:48:08 EDT 2014 Exploit Author: hobbily AKA @fj33r Version: 2.2.29 Tested on: Debian Linux CVE : CVE-2014-6271 Probably should of submitted this the day I tweeted it. server.conf port 1194 proto udp dev...

10CVSS9.7AI score0.99999EPSS
Exploits131
seebug.org
seebug.org
added 2016/03/06 12:0 a.m.303 views

用友 GRP-u8 /UploadFile 任意文件上传

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.303 views

Mambo cropimage Component <= 1.0 - Remote File Include Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class MambocropimageComponentRemoteFileIncludePOCBase: vulID = '63857' version = '1' vulDate = '2006-08-19'...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/06/24 12:0 a.m.303 views

华天动力OA任意文件读取

简要描述: Just another bug. 详细说明: 以官网http://demo.oa8000.com/为例, user:123456 登陆后, 向 http://demo.oa8000.com/OAapp/WebObjects/OAapp.woa/wa/TraceOpenPage POST如下参数: fileType=txt&jumpToPage=HtFile0141&initFromJsp=true&filePath=C%3A%2Fboot.ini&updateFlg=false 将filePath更改为待读取文件的绝对路径即可。 漏洞证明:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2009/10/16 12:0 a.m.303 views

Microsoft IIS FTP服务器递归列表拒绝服务漏洞(MS09-053)

BUGTRAQ ID: 36273 CVE ID: CVE-2009-2521 Microsoft Internet信息服务(IIS)是Microsoft Windows自带的一个网络信息服务器,其中包含HTTP服务功能。 IIS的FTPd的Glob功能在处理递归目录列表请求时存在栈溢出漏洞,拥有对目录写访问权限的远程攻击者可以通过提交包含有通配符(如“”)的请求触发这个溢出,导致FTP服务崩溃。 Microsoft IIS 7.0 Microsoft IIS 6.0 Microsoft IIS 5.1 Microsoft IIS 5.0 临时解决方法:...

2.6CVSS6.9AI score0.82265EPSS
Exploits9
seebug.org
seebug.org
added 2007/02/21 12:0 a.m.302 views

deV!Lz Clanportal [DZCP] &lt;= 1.4.5 Remote File Disclosure Vulnerability

No description provided by source. DZCP Devilz Clanportal = 1.4.5 Mysql Data viewable Found by: Kiba Solution: Install security Fix! Exploit: http://SITE/PATH/inc/filebrowser/browser.php?file=inc/mysql.php Example: http://www.example.com/dzcp/inc/filebrowser/browser.php?file=inc/mysql.php...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2009/09/02 12:0 a.m.301 views

Google Chrome 'Math.Random()'随机数生成漏洞

Bugraq ID: 36185 Google Chrome是一款流行的WEB浏览器。 Google Chrome 'Math.Random'随机数生成函数存在安全问题,允许应用程序生成弱随机数,攻击者可以利用漏洞获得敏感信息或获得未授权访问。 Google Chrome 3.0 Beta 目前没有详细解决方案提供: http://www.google.com/chrome ?php define"MAXJSMILEAGE",10000; $two31=bcpow2,31; $two32=bcpow2,32; function adv$x global $two31; return...

6.8AI score
Exploits0
seebug.org
seebug.org
added 2008/07/31 12:0 a.m.301 views

Pligg &lt;= 9.9.0 Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl -w use LWP::UserAgent; use MIME::Base64; use Digest::MD5 qwmd5hex; use Getopt::Std; getopts'h:', %args; print "\n"; print " Pligg = 9.9 Remote Code Execution Exploit \n"; print "\n"; dork = "Powered By Pligg" + "Legal: License and Source" Proxy...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.300 views

nginx 1.4.0 64-bit - Remote Exploit for Linux (Generic)

No description provided by source. nginx = 1.4.0 exploit for CVE-2013-2028 by sorbo Fri Jul 12 14:52:45 PDT 2013 ./brop.rb 127.0.0.1 for remote hosts: ./frag.sh ip ./brop.rb ip rm state.bin when changing host or relaunching nginx with canaries scan.py will find servers, reading IPs from ips.txt...

7.5CVSS0.1AI score0.87475EPSS
Exploits15
seebug.org
seebug.org
added 2021/08/11 12:0 a.m.299 views

Cisco多款VPN路由器管理界面授权RCE漏洞(CVE-2021-1414)

...

6.5CVSS0.8AI score0.01863EPSS
Exploits2
seebug.org
seebug.org
added 2015/03/12 12:0 a.m.299 views

PHPEMS多处存在水平权限问题

简要描述: PHPEMS多处存在水平权限问题 详细说明: 7.多处逻辑漏洞导致平行权限问题 Phems中多处存在平行权限问题,因为要杜绝这个问题必须每次数据库操作都要带上sessionuser但是phems的程序员却非常不配合,导致了多处存在平行权限的问题,我查阅了/app/exam/app.php这一页代码,给出具体出现的问题如下 1. 2108行附近 //删除一个错题记录// 平行权限漏洞 case 'delrecord': $recordid = $this-ev-get'questionid'; $this-favor-delRecord$recordid;...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/03/27 12:0 a.m.299 views

cmstop 远程代码执行漏洞(大众版)

简要描述: 详细说明: 具体代码分析 在search\controller\index.php中 search方法如下 public function search sessionstart ; $limit = setting "search", "limit" ; if $limit if $SESSION'lastsearch' && TIME - $SESSION'lastsearch' showmessage "搜索太频繁,请稍候再搜索" ; $SESSION'lastsearch' = TIME; $GLOBALS'GET''wd' = pregreplace "/\s+/"...

7AI score
Exploits0
seebug.org
seebug.org
added 2006/08/16 12:0 a.m.299 views

Mambo CopperminePhotoGalery Component Remote Include Vulnerability

No description provided by source. CopperminePhotoGallery Component Found By k1tk4t Indonesia This bug allows a remote atacker to execute commands via RFI file: cpg.php bug: require $mosConfigabsolutepath."/administrator/components/comcpg/config.cpg.php"; path: add in cpg.php defined 'VALIDMOS' o...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/10/23 12:0 a.m.298 views

Opera &lt;= 9.60 Stored Cross Site Scripting Vulnerability

No description provided by source. ======================================================================= = Opera Stored Cross Site Scripting Vulnerability = = Vendor Website: = http://www.opera.com = = Affected Version: = -- All desktop versions = = Public disclosure on 22nd October 2008 =...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2017/06/26 12:0 a.m.297 views

Vivotek Network Camera arbitrary file reading and command execution vulnerability

Author: Super viagra the blue cat Within the network there are some Vivotek network camera, as a monitor. Direct access to the 80 port of the Web service, the Configure - maintenance - import/export file to export the configuration file, get a contains etc folder of the tar package. From a...

10CVSS8.7AI score0.82455EPSS
Exploits1
seebug.org
seebug.org
added 2008/05/12 12:0 a.m.297 views

MySQL MyISAM表绕过权限检查漏洞

BUGTRAQ ID: 29106br / CVECAN ID: CVE-2008-2079br / br / MySQL是一款使用非常广泛的开放源代码关系数据库系统,拥有各种平台的运行版本。br / br / 当用户在MySQL数据库中以以下选项创建MyISAM表时:br / br / CREATE TABLE DATA DIRECTORY ... INDEX DIRECTORY ...br / br / 就可能覆盖MySQL数据目录中的已有表格文件,绕过权限检查在其他数据库中创建表格。br / br / MySQL AB MySQL 5.0 MySQL AB MySQL 4.x...

4.6CVSS7.8AI score0.02588EPSS
Exploits2
seebug.org
seebug.org
added 2007/03/17 12:0 a.m.297 views

CA BrightStor ARCserve (msgeng.exe) Remote Stack Overflow Exploit

No description provided by source. !/usr/bin/python This one was listed in the SANS TOP 20 and I needed an exploit for analysis. I couldnt find a reliable exploit for my analysis and so came up with this. Remote exploit for the CA BrightStor msgeng.exe service stack overflow vulnerability as...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/10/08 12:0 a.m.296 views

DedeCMS 5.7 plus/guestbook.php 注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/03/16 12:0 a.m.296 views

TurboMail <=6.0.0 /mailmain 任意文件下载漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2012/11/30 12:0 a.m.296 views

Linux Kernel hypervkvpd 'hv_kvp_daemon.c' Netlink报文处理拒绝服务漏洞

Bugtraq ID:56710 CVE ID:CVE-2012-5532 Linux是一款开源的操作系统。 当处理伪造的Netlink报文时,会导致hypervkvpd退出,本地攻击者可以利用漏洞发送非零nlpid源地址Netlink消息使系统崩溃。 0 Linux kernel 2.6.x 厂商解决方案 用户可参考如下厂商提供的安全公告获得补丁信息: https://git.kernel.org/?p=linux/kernel/git/gregkh/char-misc.git;a=commit;h=95a69adab9acfc3981c504737a2b6578e4d846ef...

4.9CVSS6.4AI score0.00407EPSS
Exploits1
seebug.org
seebug.org
added 2014/09/23 12:0 a.m.295 views

某版本JEECMS后台存在通用struts2命令执行漏洞可批量getshell

简要描述: 某版本JEECMS后台存在通用struts2命令执行漏洞。 可通过谷歌搜索关键字inurl:login/jeecms.do,可获得多个存在st2的漏洞网站! 详细说明: 漏洞网站太多,以下只列举了几例 img src="https://images.seebug.org/upload...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/01/14 12:0 a.m.295 views

Apache 'mod_proxy_balancer'存在多个漏洞

BUGTRAQ ID: 27236 CVE ID:CVE-2007-6420 CVE-2007-6421 CVE-2007-6422 CVE-2007-6423 CNCVE ID:CNCVE-20076420 CNCVE-20076421 CNCVE-20076422 CNCVE-20076423 Apache HTTP Server是一款开放源码的WEB服务程序。 Apache HTTP Server包含的modproxybalancer模块存在输入验证问题,远程攻击者可以利用漏洞进行跨站脚本,CSRF,拒绝服务等攻击。 1,由于所有行为通过GET访问执行,存在“CSRF”攻击。...

7.8CVSS0.3AI score0.09951EPSS
Exploits1
seebug.org
seebug.org
added 2016/11/10 12:0 a.m.294 views

Win32k elevation of privilege vulnerability MS16-135)(CVE-2016-7255)

If the Windows kernel-mode drivers do not properly handle objects in memory, then there will be multiple elevation of Privilege vulnerabilities. Successful exploitation of this vulnerability an attacker can run in kernel mode arbitrary code. An attacker could then install programs; view, change, ...

7.2CVSS7.9AI score0.80968EPSS
Exploits24
seebug.org
seebug.org
added 2013/11/08 12:0 a.m.293 views

wdcp虚拟主机管理系统注入漏洞

简要描述: wdcp服务器/虚拟主机管理系统 注入漏洞 详细说明: wdcp服务器/虚拟主机管理系统登陆框注入漏洞。 passwd字段存在注入风险,选择限制字符长度为30.我想应该有大牛能绕过! 漏洞证明:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2010/05/20 12:0 a.m.293 views

PostgreSQL PL/perl和PL/tcl存储过程绕过安全限制漏洞

BUGTRAQ ID: 40215 CVE ID: CVE-2010-1169,CVE-2010-1170,CVE-2010-1447 PostgreSQL是一款高级对象-关系型数据库管理系统,支持扩展的SQL标准子集。 PostgreSQL的PL/perl和PL/tcl存储过程中存在错误的权限检查,用户可以绕过pltclmodules表等安全限制执行任意 Perl或Tcl脚本。 PostgreSQL 8.4 PostgreSQL 8.3 PostgreSQL 8.2 PostgreSQL 8.1 PostgreSQL 8.0 PostgreSQL 7.4 厂商补丁: PostgreSQ...

8.5CVSS9.1AI score0.04081EPSS
Exploits2
seebug.org
seebug.org
added 2007/01/13 12:0 a.m.293 views

Cisco IOS数据链路交换拒绝服务漏洞

Cisco IOS的数据链路交换(DLSw)功能允许通过IP网络传输IBM系统网络架构(SNA)和网络基础输入/输出系统(NetBIOS)通讯。 Cisco IOS DLSw功能在协调交互过程中处理某些无效选项时存在漏洞,远程攻击者可能利用此漏洞执行拒绝服务攻击,导致设备重载。 创建DLSw通讯包括以下几个操作阶段。 1. 在第一阶段,DLSw对等端通过TCP 2065或2067端口相互创建两个TCP连接,这些TCP连接是DLSw通讯的基础。 2. 创建连接之后DLSw伙伴在第二阶段交换所支持功能的列表,这有助于对等端使用相同的选项,如果DLSw伙伴由不同厂商生产的话这一点尤其重要。 3...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2021/08/13 12:0 a.m.292 views

华域reporter 命令注入漏洞

...

0.9AI score
Exploits0
seebug.org
seebug.org
added 2016/01/28 12:0 a.m.292 views

夏普 Sharp MX-M264FP 复印机未授权访问

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2011/05/01 12:0 a.m.292 views

Discuz!NT 2.*-3.5.2 SQL注入漏洞

Discuz!NT 是康盛创想Comsenz旗下的一款功能强大的基于 ASP.NET 平台的社区软件。ajaxtopicinfo.ascx用户控件 poster SQL注入漏洞。结合ajax.aspx调用任意用户控件漏洞 admin/UserControls/ ajaxtopicinfo.ascx 函数 GetCondition WebsiteManage.cs //62 行 if posterlist != "" string poster = posterlist.Split','; condition += " AND poster in "; string tempposerli...

7AI score
Exploits0
seebug.org
seebug.org
added 2006/10/27 12:0 a.m.292 views

IBM AIX Inventory Scout本地任意文件覆盖漏洞

IBM AIX是一款商业性质的UNIX操作系统。 IBM AIX的invscoutClientVPDSurvey在执行重要产品数据库调查时存在错误,可能允许本地攻击者覆盖任意文件的内容从而导致拒绝服务。 IBM AIX 5.3 IBM AIX 5.2 临时解决方法: 如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁: 删除invscoutClientVPDSurvey的setuid位: chmod 555 /opt/IBMinvscout/bin/invscoutClientVPDSurvey 厂商补丁: IBM ---...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2014/04/04 12:0 a.m.291 views

泛微E-office OA管理系统通过sql注入可以任意真实用户名免密码登陆

简要描述: 泛微E-office OA管理系统通过sql注入可以任意真实用户名免密码登陆 详细说明: 以泛微官方测试站点为例 登陆页面为 http://eoffice8.weaver.cn:8028/login.php 则可注入的网址为 http://eoffice8.weaver.cn:8028/building/urlurl.php 直接访问显示access denied, 使用hackbar。post内容中,url为general/index.php,smsid为注入sql,内容为1 union select...

7.1AI score
Exploits0
Total number of security vulnerabilities5000