56796 matches found
方维团购 v4.3 /index.php SQL注入漏洞
No description provided by source...
Maxcms /inc/ajax.asp id参数SQL注入漏洞
No description provided by source...
正方协同办公系统/zfoa/dataExport.do 存在信息泄露漏洞
其实这个不是教务的,是协同办公的漏洞 问题文件:/zfoa/dataExport.do?xmlike=&bmlike= post参数:theAction=save¶meter.delId=&realTable=jsgrxx&tableName=jsgrxx&pageno=&preCurrentPage=1&cookiesName=jsgrxxlist&ycSearch= 表名即realTable和tableName bmdm:短信发送表 jsgrxx:联系人表 yhzb:用户表 gwxxb:涉密发文表 swxxb:涉密公文收文表 clxxb:车辆申请表 cpjb:呈批件表...
泛微 E-mobile flowsorce_page.php 注入漏洞
No description provided by source...
Ubuntu 14.04 LTS, 15.10 overlayfs - Local Root Exploit
No description provided by source. / just another overlayfs exploit, works on kernels before 2015-12-26 Exploit Title: overlayfs local root Date: 2016-01-05 Exploit Author: rebel Version: Ubuntu 14.04 LTS, 15.10 and more Tested on: Ubuntu 14.04 LTS, 15.10 CVE : CVE-2015-8660 blah@ubuntu:$ id...
AnyMacro G7 版本存储型XSS
简要描述: RT 详细说明: 邮件系统的网盘功能-文件中心-上传文件-共享文件功能存在存储型XSS漏洞 首先,上传一个文件,修改文件名为alertdocument.cookie.php 接着共享该文件,点击该链接即可触发该漏洞 漏洞证明: 邮件系统的网盘功能-文件中心-上传文件-共享文件功能存在存储型XSS漏洞 首先,上传一个文件,修改文件名为alertdocument.cookie.php 接着共享该文件,点击该链接即可触发该漏洞...
WordPress AzonPop插件1.0.0版本在/wp-content/plugins/AzonPop/files/view/showpopup.php存在SQL注入漏洞
No description provided by source...
FTPShell Client 5.24 - Add to Favorites Buffer Overflow
No description provided by source...
AspCMS V2.5.2 /aspcms252.asp 数据库泄露漏洞
0x01 框架介绍 ASPCMS是基于ASP+Accesssql2000开发的网站内容管理系统,提供了简介类模块,新闻类模块,产品类模块,图片类模块,下载类模块。 官方主页: http://www.aspcms.com/forum.php 0x02 漏洞细节 ASPCMS最新版2.5.2以及ASPCMS2.3.x都存在这个问题,应该是通杀 在ASPCMS2.3.x中,ASPCMS的数据库在/data/目录下,为了防止数据库被下载,把数据库文件data.mdb重新命名为data.asp,由于设置不当,使用%23编码即可绕过访问,导致信息泄漏:...
jeecms前台在/member/o_upload_image.jspx存在文件上传漏洞
No description provided by source...
CSDJCMS系统 app/controllers/user/pay.php SQL注入漏洞
No description provided by source...
YouYaX V5. 85 /Lib/BidAction.php SQL injection vulnerability
No description provided by source...
Canon imageRUNNER printer 弱口令
No description provided by source...
ThinkSNS V2.8 \api\StatusesApi.class.php 任意文件上传漏洞
No description provided by source...
ThinkSNS修改任意账号用户名和密码(包括管理员)
No description provided by source...
双杨OA系统 /DSOA_TY/Office_Supplies/Goods_In.aspx SQL注入漏洞
No description provided by source...
ThinkSNS public/minify.php 任意文件包含漏洞
漏洞信息: ThinkSNS开源微博系统,是智士的开源社交平台。采用PHP+MySQL技术平台,微博+应用的产品模式,同时拥有iphone、android客户端、wap、3G版界面。 ThinkSNS public/minify.php 存在任意文件包含漏洞,可被利用导致敏感信息泄漏。 漏洞分析: 问题在public/minify.php: allowedcontenttypes = array'js','css'; $getfiles = explode',', striptags$GET'f'; //解析参数 $gettype = isset$GET't' &&...
ThinkSNS V2.5 apps\weibo\Lib\Action\OperateAction.class.php SQL注入漏洞
No description provided by source...
ThinkSNS V2.8 apps\wap\Lib\Action\IndexAction.class.php 任意文件上传漏洞
漏洞信息: ThinkSNS开源微博系统,是智士的开源社交平台。采用PHP+MySQL技术平台,微博+应用的产品模式,同时拥有iphone、android客户端、wap、3G版界面。 ThinkSNS V2.8 存在任意文件上传漏洞,可以导致上传shell,并导致服务区沦陷。 漏洞分析: 微博上传图片时只在前端进行验证, 服务器端没有进行安全过滤。 问题在apps\wap\Lib\Action\IndexAction.class.php中263行: if!empty$FILES'pic''name' // 自动发一条图片微博 $data'pic' = $FILES'pic';...
YouYaX V5.66 /ORG/YouYa.php 本地文件包含漏洞
No description provided by source...
YouYaX V5.47 ORG/YouYa.php SQL注入漏洞
No description provided by source...
YouYaX V5.66 /Lib/MessageAction.php SQL注入漏洞
No description provided by source...
ThinkSNS v3 /apps/page/Lib/Action/DiyAction.class.php 任意用户登陆+后台管理绕过
No description provided by source...
泛微OA某处缺陷可遍历和操作系统文件
简要描述: RT 详细说明: 文件位于plugin\ewe\jsp\config.jsp 新建一个文档 删除成功 img src="https://images.seebug...
Apache Axis2 后台默认口令
No description provided by source...
深圳市恩捷建站系统 任意文件上传漏洞
网站建设专家:深圳市恩捷科技有限公司 http://www.szenjie.com/ 百度dork:inurl:fo/home.jsp 反编译文件 WEB-INF/classes/com/ej/ss/common/action/UploadFileAction.class 可以看出,通过获取参数fileType的值,给变量path赋值(上传的路径),之后直接上传。 本地构造上传页面,直接 action 给 http://website/common/uploadFile.do?fileType=productDesc 即可。 getshell 上传成功后,会提示文件路径(或直接访问...
Nongyou政务系统erji.aspx 页面SQL注入漏洞
No description provided by source...
TRS IDS 信息泄露
No description provided by source...
zoomla!逐浪cms在/guest/Ask/MyAskList.aspx处的参数QueType存在SQL盲注漏洞
No description provided by source...
用友Ehr系统的ResetPasswordViewModel模块存在利用XXE读取任意文件漏洞
No description provided by source...
Youyax V5.4.1 lib/contentaction.php SQL注入漏洞
No description provided by source...
wordpress的Stanford theme在wp-content/themes/stvp/jwplayer.php处存在XSS漏洞
wordpress的Stanford theme在wp-content/themes/stvp/jwplayer.php处存在XSS漏洞 响应html内容为: id参数未进行过滤,导致html注入(如上图中'1131'探针位置) 利用链接为: /wp-content/themes/stvp/jwplayer.php?id=%22%3E%3Cscript%3Ealert/sebug/%3C/script%3E...
YiDacms X3.2版在/Yidacms/buy_settlement.asp处存在SQL注入可导致任意刷钱漏洞
No description provided by source...
方维订餐系统shop.php sql注入漏洞
sql报错注入 漏洞位置: /shop.php?ctl=index&act=ajaxpurposestore&purposeid=1 参数purposeid 存在sql注入 poc:/shop.php?ctl=index&act=ajaxpurposestore&purposeid=1%20and%20select//%201%20from//%20select//%20count,concatmd51,floorrand02x%20from//%20informationschema.tables%20group%20by%20xa...
Easy File Sharing Web Server 7.2 - GET HTTP request SEH Buffer Overflow
No description provided by source...
泛微oa /iWebOffice/OfficeServer.php /iWebOffice/OfficeServer2.php 任意文件读取漏洞
No description provided by source...
Joomla 3.x <= 3.4.4模块Content History存在SQL注入漏洞
No description provided by source...
Youyax V5.4.1 lib/indexAction.php SQL注入漏洞
No description provided by source...
泛微oa /webservice/upload.php /webservice/upload/upload.php 等多处任意文件上传
任意文件上传共四处,属于同一个漏洞 文件位置 /webservice/upload.php /webservice/upload/upload.php /webservice-json/upload/upload.php /webservice-xml/upload/upload.php 四处都有如下代码 没有对文件有任何验证,无须登陆 文件上传之后的位置是: $path = $ATTACHPATH.$attachmentID; $fileName = $path."/".$FILES'file''name'; moveuploadedfile $FILES'file''tmpname'...
RuvarOA协同办公软件 get_condiction.aspx SQL注入漏洞
No description provided by source...
MediaWiki 安全绕过漏洞
No description provided by source...
LZXSZXYXT乐知行数字校园系统在showInfoEdit.do的参数Type存在SQL注入漏洞
No description provided by source...
Joomla Jomestate component version 1.0 suffers from a remote SQL injection vulnerability
No description provided by source...
YouYaX V5.47 论坛前台任意账户登入(cookie伪造)漏洞
No description provided by source...
Youyax lib/laudaction.php SQL注入漏洞
No description provided by source...
YouYaX V5.34 /ext/register.php SQL注入漏洞
No description provided by source...
YouYaX v5.85 /Tpl/mobile/home/mypub.html DOM Based XSS
No description provided by source...
YouYaX论坛前台任意账户登入(cookie伪造)漏洞
No description provided by source...
YouYaX v5.37 多个SQL注入漏洞
No description provided by source...
OpenSSH client Information Leak & Buffer Overflow
Since version 5.4 released on March 8, 2010, the OpenSSH client supports an undocumented feature called roaming: if the connection to an SSH server breaks unexpectedly, and if the server supports roaming as well, the client is able to reconnect to the server and resume the suspended SSH session...