Lucene search
K
SeebugRecent

56796 matches found

seebug.org
seebug.org
added 2016/03/22 12:0 a.m.18 views

D-link路由器/platform.cgi任意用户登陆漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/22 12:0 a.m.16 views

施耐德 Modicon M340 PLC Web登录验证栈溢出漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/22 12:0 a.m.481 views

用友NC综合办公系统 /service/~iufo/com.ufida.web.action.ActionServlet 用户信息泄露

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/22 12:0 a.m.16 views

Wordpress RedSteel Theme-download.php任意文件下载漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/22 12:0 a.m.59 views

用友GRP-U8 系统登陆处参数UserNameText 存在SQL注入

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/22 12:0 a.m.27 views

用友的优普U8系统 /Server/CmxUser.php sql盲注

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/21 12:0 a.m.19 views

wordpress 插件 site-import V1.0.1 文件包含漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/21 12:0 a.m.22 views

phpshe v1.1 index.php存在本地包含漏洞可getshell

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/21 12:0 a.m.11 views

cisco统一计算系统管理器UCS Manager 2.11b Shellshock

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/21 12:0 a.m.14 views

phpmywind admin/infoclass_save.php第二处sql注入

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/21 12:0 a.m.24 views

WordPress Bulk Delete Plugin 5.5.3 - 提权

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/21 12:0 a.m.31 views

FineCMS企业最新版本后台post SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/21 12:0 a.m.25 views

DuomiCms多处SQL注入

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/21 12:0 a.m.11 views

phpmywind /admin/paymode_save.php sql注入

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/21 12:0 a.m.21 views

Libsys图书管理系统/include/config.properties 信息泄漏

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/21 12:0 a.m.17 views

phpmywind admin路径下多处sql注入

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.231 views

泛微OA系统 /ServiceAction/com.eweaver.base.security.servlet.LoginAction 参数keywordid SQL注入漏洞

0x01漏洞简介 泛微OA系统在/ServiceAction/com.eweaver.base.security.servlet.LoginAction处对参数keywordid过滤不严格,导致出现SQL注入漏洞。远程攻击者可以利用该漏洞读取敏感信息。 0x02漏洞详情 http://...:9085/ServiceAction/com.eweaver.base.security.servlet.LoginAction?action=getLabelNameByKeyId&keywordid=402881e43c2385 正常页面 提示请输入用户名 输入' and 'a'='a...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.27 views

齐博CMS考试系统 exam_order.php 参数and SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.56 views

用友优普U8系统 /Server/CmxGetAppNameByUserName.php等2处 SQL注入漏洞

0x01漏洞简介 用友优普U8系统在以下2处存在SQL注入漏洞: 1/Server/CmxGetAppNameByUserName.php 参数User 2/Server/CmxCS.php 参数pgid 远程攻击者无需登陆,可以利用该漏洞执行SQL指令。 0x02漏洞利用 1sql注入1 sqlmap.py -u "...:8080/Server/CmxCS.php?pgid=CSRemove" --dbms mysql --technique T --cookie "RASAdminUserInfoUserName=1" --data "CSID=1&CSID=1" -p CSID ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.17 views

天空教室精品系统 /sc8/coursefiledownload 参数 filepath 任意文件下载漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.18 views

Nongyou政务系统/newsymItemView/DynamicItemView.aspx等2处 SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.12 views

上海天柏在线培训系统 /WebPage/Paying.aspx 等11处 SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.30 views

Nongyou政务系统 hnzc.aspx 参数CountryName SQL注入漏洞

0x01漏洞简介 Nongyou政务系统采用的ASPX+MYSQL架构,其在/hnzc.aspx处的参数CountryName注入漏洞,远程攻击者可以结合回显报错的方式执行SQL指令。 0x02漏洞详情 山东农友软件公司开发的农业监管系统存在一处SQL注入 我就只演示1个站了 ...:8200/hnzc.aspx?CountryName=%e6%96%87%e7%99%bb%e5%b8%82&level=1 0x03修复方案 过滤。...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.14 views

EduWind在线教育建站系统 MeController.php 逻辑漏洞可导致上传shell

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.35 views

Shop7z v2.9 showmessage.asp 文件 id 参数SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.14 views

科创CMS /cms/voteManager/voteaction.jsp 通用型Oracle注入

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.17 views

cmseasy demo.php 反射型XSS漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.18 views

ThinkPHP 模板常量__SELF__ XSS漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.57 views

E-TILLER期刊采编系统/ch/reader/wait_published_articles.aspx等8处 POST注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.88 views

AnyMacro邮件系统 webmailgo.php 存储xss漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.19 views

Nongyou政务系统 cwgkview.aspx 参数 tname SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.42 views

yershop多用户商城系统 Driver.class.php等多处SQL注入漏洞

0x01漏洞简介 yershop是采用thinkphp框架开发的一套商城系统。其在以下3处存在SQL注入漏洞: 1Driver.class.php 可以通过以下的payload进行注入: index.php?c=Article&a=index&category0==1 or updatexml1,concat1,select concatuser,1,version,1%23in&category1=xxxx 2TuanController.class.php 可以通过以下的payload进行注入: /index.php?c=Tuan&a=category&id0==1 or...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.22 views

TodayMail邮箱系统 邮件标题和正文 存储XSS

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.36 views

cmseasy 5.6 index.php 网站路径泄露漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.32 views

Timber E-learning在线考试系统后台 /Paper/Paper_Manage.aspx 等13处 SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.24 views

科创CMS addLinks_do.jsp 参数siteid SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.18 views

EduWind在线教育建站系统 groupindexcategory 参数categoryId SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.65 views

蝉知企业门户 control.php 任意文件读取漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.35 views

TurboMail BulletinAjax.java 等多处SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.38 views

盈世Coremail XT3.0版 发件人地址处 存储型XSS

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.52 views

科创CMS /web/doc_hit.jsp等3处 SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.52 views

E-TILLER期刊采编系统 留言登录处/ch/guestbook/Login.aspx 参数GM_NAME POST注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.17 views

LZXSZXYXT乐知行数字校园系统 /oa/calendar/exportExcel.do等5处 SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.17 views

天空教室精品系统 /sc8/page/schoolspace/course/academycourse-view.do等4处 SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.19 views

Timber E-learning在线考试系统商业版 /Web/User_Sort_List.aspx等8处 SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.29 views

Timber E-learning在线培训系统政府版/Web/New.aspx 等9处 SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.40 views

Timber E-learning 天柏在线考试系统 Exam_List.aspx 参数typeid SQL注入漏洞

0x01漏洞简介 Timber E-learning 天柏在线考试系统在/Web/ExamList.aspx由于对参数typeid过滤不严,导致出现SQL注入漏洞。远程攻击者可以结合错误回显的方式执行SQL指令,获取敏感信息。 0x02漏洞利用 以下面为例子: http:///Web/ExamList.aspx?typeid=141 and dbname0 0x03修复方案 过滤,或使用参数化的SQL语句。...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.15 views

方维O2O系统 后台越权漏洞泄露用户详细地址

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.15 views

Mao10cms v3.5.2 /theme/default/public/head-uesr.php等5处 SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/19 12:0 a.m.17 views

ILASIII 数字化图书管理系统 RdrRInforDetail.aspx 参数Name SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
Total number of security vulnerabilities56796