e-cology 泛微协同商务系统在/weaver/weaver.email.FileDownloadLocation存在盲注漏洞

No description provided by source...

Maxcms /inc/ajax.asp id参数SQL注入漏洞

No description provided by source...

泛微 E-mobile flowform_page.php 注入漏洞

No description provided by source...

鸿信办公自动化系统/oa/File.aspx和/Page/System/UserDetail.aspx存在遍历漏洞

No description provided by source...

泛微 E-mobile flowsorce_page.php 注入漏洞

No description provided by source...

正方协同办公系统/zfoa/dataExport.do 存在信息泄露漏洞

其实这个不是教务的，是协同办公的漏洞 问题文件:/zfoa/dataExport.do?xmlike=&bmlike= post参数:theAction=save&parameter.delId=&realTable=jsgrxx&tableName=jsgrxx&pageno=&preCurrentPage=1&cookiesName=jsgrxxlist&ycSearch= 表名即realTable和tableName bmdm:短信发送表 jsgrxx:联系人表 yhzb:用户表 gwxxb:涉密发文表 swxxb:涉密公文收文表 clxxb:车辆申请表 cpjb:呈批件表...

WP 插件 Easy2Map Photos 1.0.9 SQL注入漏洞

No description provided by source...

Ruvar人力资源管理系统select_baseinfo.aspx bt_name参数SQL注入漏洞

No description provided by source...

方维团购 v4.3 /index.php SQL注入漏洞

No description provided by source...

教育云公共服务平台系统Newsvideo.aspx NewID参数SQL注入漏洞

注入点 /public/Newsvideo.aspx dbname sqlmap跑出的数据。 用户表...

鸿信办公自动化系统中5.0 版本的ewebeditor默认配置可文件上传漏洞

No description provided by source...

Canon imageRUNNER printer 弱口令

No description provided by source...

YouYaX V5. 85 /Lib/BidAction.php SQL injection vulnerability

No description provided by source...

ThinkSNS public/minify.php 任意文件包含漏洞

漏洞信息： ThinkSNS开源微博系统,是智士的开源社交平台。采用PHP+MySQL技术平台,微博+应用的产品模式,同时拥有iphone、android客户端、wap、3G版界面。 ThinkSNS public/minify.php 存在任意文件包含漏洞，可被利用导致敏感信息泄漏。 漏洞分析： 问题在public/minify.php： allowedcontenttypes = array'js','css'; $getfiles = explode',', striptags$GET'f'; //解析参数 $gettype = isset$GET't' &&...

ThinkSNS V2.8 apps\wap\Lib\Action\IndexAction.class.php 任意文件上传漏洞

漏洞信息： ThinkSNS开源微博系统,是智士的开源社交平台。采用PHP+MySQL技术平台,微博+应用的产品模式,同时拥有iphone、android客户端、wap、3G版界面。 ThinkSNS V2.8 存在任意文件上传漏洞，可以导致上传shell,并导致服务区沦陷。 漏洞分析： 微博上传图片时只在前端进行验证, 服务器端没有进行安全过滤。 问题在apps\wap\Lib\Action\IndexAction.class.php中263行： if!empty$FILES'pic''name' // 自动发一条图片微博 $data'pic' = $FILES'pic';...

双杨OA系统 /DSOA_TY/Office_Supplies/Goods_In.aspx SQL注入漏洞

No description provided by source...

ThinkSNS V2.5 apps\weibo\Lib\Action\OperateAction.class.php SQL注入漏洞

No description provided by source...

ThinkSNS v3 /apps/page/Lib/Action/DiyAction.class.php 任意用户登陆+后台管理绕过

No description provided by source...

ThinkSNS V2.8 \api\StatusesApi.class.php 任意文件上传漏洞

No description provided by source...

YouYaX V5.66 /ORG/YouYa.php 本地文件包含漏洞

No description provided by source...

YouYaX V5.47 ORG/YouYa.php SQL注入漏洞

No description provided by source...

YouYaX V5.66 /Lib/MessageAction.php SQL注入漏洞

No description provided by source...

ThinkSNS修改任意账号用户名和密码（包括管理员）

No description provided by source...

YouYaX v5.85 /Tpl/mobile/home/mypub.html DOM Based XSS

No description provided by source...

YouYaX v5.37 多个SQL注入漏洞

No description provided by source...

OpenSSH client Information Leak & Buffer Overflow

Since version 5.4 released on March 8, 2010, the OpenSSH client supports an undocumented feature called roaming: if the connection to an SSH server breaks unexpectedly, and if the server supports roaming as well, the client is able to reconnect to the server and resume the suspended SSH session...

泛微oa /iWebOffice/OfficeServer.php /iWebOffice/OfficeServer2.php 任意文件读取漏洞

No description provided by source...

RuvarOA协同办公软件 get_condiction.aspx SQL注入漏洞

No description provided by source...

Joomla 3.x <= 3.4.4模块Content History存在SQL注入漏洞

No description provided by source...

方维订餐系统shop.php sql注入漏洞

sql报错注入 漏洞位置： /shop.php?ctl=index&act=ajaxpurposestore&purposeid=1 参数purposeid 存在sql注入 poc:/shop.php?ctl=index&act=ajaxpurposestore&purposeid=1%20and%20select//%201%20from//%20select//%20count,concatmd51,floorrand02x%20from//%20informationschema.tables%20group%20by%20xa...

zoomla!逐浪cms在/guest/Ask/MyAskList.aspx处的参数QueType存在SQL盲注漏洞

No description provided by source...

iGenus mail system 5. 0 and the following version in the login. php at the presence of XSS vulnerabilities

No description provided by source...

AnyMacro Mail LOGIN_USER_INCLUDE 任意文件读取漏洞

No description provided by source...

TRS IDS 信息泄露

No description provided by source...

泛微OA某处缺陷可遍历和操作系统文件

简要描述： RT 详细说明： 文件位于plugin\ewe\jsp\config.jsp 新建一个文档 删除成功 img src="https://images.seebug...

深圳市恩捷建站系统 任意文件上传漏洞

网站建设专家：深圳市恩捷科技有限公司 http://www.szenjie.com/ 百度dork：inurl:fo/home.jsp 反编译文件 WEB-INF/classes/com/ej/ss/common/action/UploadFileAction.class 可以看出，通过获取参数fileType的值，给变量path赋值（上传的路径），之后直接上传。 本地构造上传页面，直接 action 给 http://website/common/uploadFile.do?fileType=productDesc 即可。 getshell 上传成功后，会提示文件路径（或直接访问...

Joomla Jomestate component version 1.0 suffers from a remote SQL injection vulnerability

No description provided by source...

Apache Axis2 后台默认口令

No description provided by source...

Youyax V5.4.1 lib/indexAction.php SQL注入漏洞

No description provided by source...

YouYaX V5.34 /ext/register.php SQL注入漏洞

No description provided by source...

用友Ehr系统的ResetPasswordViewModel模块存在利用XXE读取任意文件漏洞

No description provided by source...

wordpress的Stanford theme在wp-content/themes/stvp/jwplayer.php处存在XSS漏洞

wordpress的Stanford theme在wp-content/themes/stvp/jwplayer.php处存在XSS漏洞 响应html内容为： id参数未进行过滤，导致html注入（如上图中'1131'探针位置） 利用链接为： /wp-content/themes/stvp/jwplayer.php?id=%22%3E%3Cscript%3Ealert/sebug/%3C/script%3E...

Youyax lib/laudaction.php SQL注入漏洞

No description provided by source...

Youyax V5.4.1 lib/contentaction.php SQL注入漏洞

No description provided by source...

YouYaX V5.47 论坛前台任意账户登入（cookie伪造）漏洞

No description provided by source...

泛微oa /webservice/upload.php /webservice/upload/upload.php 等多处任意文件上传

任意文件上传共四处，属于同一个漏洞 文件位置 /webservice/upload.php /webservice/upload/upload.php /webservice-json/upload/upload.php /webservice-xml/upload/upload.php 四处都有如下代码 没有对文件有任何验证，无须登陆 文件上传之后的位置是： $path = $ATTACHPATH.$attachmentID; $fileName = $path."/".$FILES'file''name'; moveuploadedfile $FILES'file''tmpname'...

泛微oa /iweboffice/officeserver.php 任意文件上传getshell

No description provided by source...

MediaWiki 安全绕过漏洞

No description provided by source...

LZXSZXYXT乐知行数字校园系统在showInfoEdit.do的参数Type存在SQL注入漏洞

No description provided by source...

Easy File Sharing Web Server 7.2 - GET HTTP request SEH Buffer Overflow

No description provided by source...