56796 matches found
Ouman EH-net server 弱口令
No description provided by source...
Emerson Avocent® ACS 6000 Advanced Console Server 弱口令
No description provided by source...
Emerson Smart Wireless Gateway 1420 弱口令
参考链接: http://www2.emersonprocess.com/siteadmincenter/PM%20Rosemount%20Documents/00809-0200-4420.pdf...
Netcomm Wireless 弱口令
固件型号: 3G21WB 详情参考: http://media.netcomm.com.au/public/assets/pdffile/0003/68403/WSG-3G21WB.pdf 内容截图: /log/in?un=admin&pw=admin&rd=%2Fuir%2Find.htm&rd2=%2Fuir%2Fbsclogin.htm&Nrd=1 其他固件 : 同样有说明文档,此处就不枚举了。...
Emerson Network Power® MPH2™ Rack PDU 弱口令
参考链接: https://community.emerson.com/networkpower/support/avocent/power/mph2/m/mediagallery/3093...
Contemporary Control Systems BASRT-B 弱口令
参考链接: http://www.ccontrols.com/pdf/TD0712000I2.pdf...
多款Adobe产品整数溢出漏洞CVE-2014-0569
漏洞类型:整数溢出漏洞 影响组件介绍:Adobe Flash Player、Adobe AIR SDK和Adobe AIR SDK & Compiler都是美国奥多比(Adobe)公司的产品。Adobe Flash Player是一款多媒体播放器产品;Adobe AIR SDK和Adobe AIR SDK & Compiler都是适用于Adobe AIR(一个跨操作系统的运行时环境)的标准开发工具包。 漏洞分析: 原因: action script...
Emerson UL33 UPS 弱口令
No description provided by source...
Schneider Electric POWERLOGIC® EGX200 or EGX400 with firmware version 5.5 or higher 弱口令
No description provided by source...
Rockwell Automation /Allen-Bradley PanelView Plus 6 Graphic Terminals, Firmware 6.10 or later/ , PVPlus 6 弱口令
No description provided by source...
ENTES EMG-10, EMG-02 , EMG-12 弱口令
参考链接: http://www.entes.com.tr/dosyalar/EMGSeriesEN-ver22.pdf...
Sierra Wireless AirLink 9191 端口弱口令
No description provided by source...
Emerson UltraSite 弱口令
参考链接: http://www.emersonclimate.com/Documents/Retail%20Solutions/Manuals/0261004Rev1.pdf...
BinTec Elmeg any routers 弱口令
参考链接: http://www.router-defaults.com/Router/BinTec--x1200-ip-password-username...
Tridium NiagaraAX 弱口令
No description provided by source...
moxa Railway Remote I/O (ioLogik E12xx , ioLogik E15xx ) 弱口令
No description provided by source...
Emerson DeltaV™ Digital Automation System 弱口令
参考链接: http://www.chem.mtu.edu/chemeng/current/newcourses/CM4120/2009/Getting%20Started.pdf...
Moxa OnCell G3100 弱口令
No description provided by source...
Hirschmann OCTOPUS 8M..., OCTOPUS 16M..., OCTOPUS 24M… 弱口令
参考链接: https://www.neteon.net/media/downloads/IGOctopus8M16M24MPoETrain020708en1.pdf...
NOVUS AUTOMATION Superview 弱口令
No description provided by source...
OMRON IA CJ1M CPU Units with Ethernet Functions 弱口令
No description provided by source...
Yokogawa YFGW410 gateway
No description provided by source...
ConnectPort TS 4x4, ConnectPort TS 4x2, ConnectPort TS W, ConnectPort TS 8, ConnectPort TS 8 MEI, ConnectPort TS 16 弱口令
参考链接:http://ftp1.digi.com/support/documentation/90000565P1.pdf...
Digi Connect WAN, Digi Connect WAN GPRS, Digi Connect WAN GSM-R, Digi Connect WAN VPN, Digi Connect WAN IA, Digi Connect WAN 3G, Digi Connect WAN 3G IA, Digi Connect WAN 4G 弱口令
参考链接: http://www.acspl.com.au/Manuals/digiWan.pdf...
Westermo RedFox Series, Wolverine Series, Lynx Series, Falcon Series, Viper Series 弱口令
No description provided by source...
siemens Simatic S7-300 (pre-2009 versions) 弱口令
No description provided by source...
Schneider Electric ETG100 弱口令
No description provided by source...
Phoenix Contact Logic+ 弱口令
No description provided by source...
Rockwell Automation /Allen-Bradley 1734-AENT 弱口令
No description provided by source...
StrongSoft灾害预警系统doDbAccess.ashx存在SQL注入漏洞
福建四创软件开发的“山洪灾害预警监测系统”存在SQL注入漏洞,可获取数据库任意数据,进而而导致预警系统沦陷。 谷歌搜索: intitle:预警 系统 技术支持:福建四创 注入文件及参数:doDbAccess.ashx里的params 案例 "...:3505/Public/DataAccess/GeneralModule/doDbAccess.ashx?dateForAjax=364" --data "params=0125&sqlkey=Map%5FS%5FGetEnnuById%5FZWP" -p params...
WP插件Admin Management Xtended 2.4.0 越权操作
No description provided by source...
EWEBS应用虚拟化系统的文件casmain.xgi存在任意系统文件读取漏洞
No description provided by source...
Timber E-learning产品内置账号可操作任意用户及添加管理员/任意文件上传GetShell
No description provided by source...
PHP168 6.0及以下版本在文件login.php处存在利用生成的缓存PHP文件执行命令漏洞
No description provided by source...
QiboCMS地方门户系统文件coupon/s.php存在SQL注入漏洞
No description provided by source...
qemu内存泄露漏洞(CVE-2015-8567)
No description provided by source. !/bin/bash 这可能是最简单的exp吧... 原理很简单,根据详情分析,发现重新启动网卡就会调用vmxnet3activatedevice 然后堆就不停的分配内存 直到进程漰溃 这是一段bash shell脚本 eth1是我这里虚拟机上的vmxnet3设备 从开始运行直到漰溃用了我一個午觉时间,大概40分钟 其实具体情况按照自己本机机器来定,时间长短不一 root权限执行 while true do ifconfig eth1 down && echo 'Down!' ifconfig eth1 up &&...
PHPMyWind 5.0后台管理界面的SQL注入漏洞
No description provided by source...
大汉网络 /jcms/interface/ldap/receive.jsp 接口未授权更改密钥
相关代码如下 if state.equals"S" //注册应用 boolean b = ldapBlf.writeXMLappname,enckey,ldapurl,webtype,ssourl,encrypttype; 未授权注册并覆盖了 enckey 得到 enckey 之后利用可以参照 https://www.sebug.net/vuldb/ssvid-90213...
Cisco RV Series multiple vulnerabilities
No description provided by source...
wordpress <4.4.1 wp-admin/customize.php 页面 xss
No description provided by source...
kingdee办公系统的文件/kingdee/portal/portal_info.jsp存在Blind SQL注入漏洞
No description provided by source...
泛微e-cology/web/broswer/CustomerTypeBrowser.jsp sqlwhere参数SQL注入漏洞
No description provided by source...
ThinkSAAS中tsUrlCheck()函数引发注入漏洞
No description provided by source...
中科网威防火墙(NPFW)文件遍历漏洞
No description provided by source...
Beescms V4.0 在文件mx_form.php处存在后台登陆绕过漏洞
No description provided by source...
BEESCMS V4.0的文件member.php存在多处注入漏洞
No description provided by source...
YonYou NC在/nc/servlet/nc.ui.iufo.login.LoginUI存在SQL盲注漏洞
No description provided by source...
PHPOK官方DEMO配置不当可getshell(影响其他站点)
简要描述: 这.... 详细说明: Demo未配置好权限,可直接拿shell 首先登陆demo站后台 http://demo.phpok.com/admin.php 进入风格管理 更改模板格式为php 然后直接创建一个index.php内容为一句话即可。 从配置文件可以看出绑定了多个网站,其中有些是正在运行的 如yuechi.net ,岳池在线。 还有update.phpok.com,估计是用来更新的。 mask 区域 alHos n 8 Host Host admin@p ot /qg Name 1000 ;/qghost/w eny,a fro...
佳能MF8040Cn打印机弱口令
佳能MF8040Cn打印机弱口令 1.dork app:"Canon i-SENSYS MF8040Cn printer http admin" 2.漏洞详情 佳能MF8040Cn打印机存在默认账号密码 1)系統管理員模式 admin admin 2)終端使用者模式 admin 3.漏洞证明 用zoomeye搜索 : app:"Canon i-SENSYS MF8040Cn printer http admin" 可见有大量设备暴露在公网上面 http://223.197.235.193 http://219.142.195.251 用admin admin 登陆 成功登陆 可查看打印信...
Z-BLOG Blind-XXE造成任意文件读取
No description provided by source...