|
A simple analysis of XSS vulnerabilities | Hits:3 |
In the web of vigorous development today, XSS undoubtedly has become the most popular holes in the security company, I have seen the penetration test report as dozens of XSS loophole, also see high security researchers will target to... | 2010-09-13 |
e107 BBCode arbitrary PHP code execution vulnerability analysis | Hits:45 |
e107 is content management system written in php. e107 in the bbcode [php] allows execution of arbitrary PHP code. More dangerous because in this way, e107 configuration generally prohibit all users access the bbcode, the administrator can... | 2010-09-11 |
Jinshan WebShield's KAVSafe.sys kernel-mode Local Privilege Escalation Vulnerability | Hits:5 |
Kavsafe.sys create a device called DeviceKAVSafe, and handles DeviceIoControl request IoControlCode = 0x830020d4, which can overwrite arbitrary kernel module data Machine Translation: Kavsafe.sys create a named DeviceKAVSafe equipment, and... | 2010-09-10 |
BBSGood Forum program multiple vulnerabilities | Hits:5 |
Added: 2010-05-13 System Number: WAVDB-01598 Affected version: BBSGood 5.0/5.0.2 Program description: BBSGOOD is the first use of caching technology forum, BBSGOOD posts and the list home page is static HTML files can be generated. -------... | 2010-09-06 |
DVbbs dispuser.asp cross-site flaws | Hits:5 |
Author: Amxking Vulnerability Mining: gentlemen Liang Vulnerability process: Dvbbs Vulnerability Type: xss Vulnerability page: dispuser.asp Procedure Description: Dongwangluntan as is currently the largest provider... | 2010-09-04 |
nginx file type error parsing vulnerability | Hits:59 |
Vulnerability Description: nginx is a high-performance web server, is widely used, its not often used as a reverse proxy can also be very good support to PHP running. 80sec found there's a more serious security problems... | 2010-09-02 |
Details of PHP code execution vulnerability | Hits:59 |
A code execution function PHP function that can execute code. If eval (), assert (),``, system (), exec (), shell_exec (), passthru (), escapeshellcmd (), pcntl_exec (), etc. demo code 1.1: ? Php echo `dir`; ? Second file contains the code... | 2010-08-31 |
On the 8.2 version of the vulnerability DVBBS | Hits:4 |
Yesterday saw a group of one lost out, clamored through killing DVBBS8.2 of 0day, a bit speechless. This loophole has at least six months, my hands get some time, what station did not Naqu out more, testing a few of the major stations,... | 2010-08-30 |
IIS source code disclosure, and file type parsing error | Hits:12 |
Vulnerability Description: IIS is Microsoft's launch of a webserver, used more widely, in support of the asp / asp.net the same time, can also better support for PHP and other languages to run. However 80sec found in the higher versions of... | 2010-08-30 |
DedeCMS V5.5 Final GetWebshell latest 0day vulnerability | Hits:53 |
DedeCMS is woven dream content management system, the latest version has been released to the official version of 5.5. Very regrettable that the new version of the loopholes they burst, so black subsistence Special Laipian point royalties.... | 2010-08-27 |
e107 Content Management System SQL Injection vulnerability exists usersettings.php page | Hits:4 |
e107 is content management system written in php. e107's usersettings.php page SQL Injection vulnerability exists: if ( ret =='') ( Loginname = strip_tags ( _POST ['loginname']); if (! loginname) ( Loginname =... | 2010-08-26 |
Easy to type into the search for loopholes in the Housing System | Hits:10 |
Keyword inurl: efwmanager; inurl: search_hire.asp; (inurl: sub_hack.asp? The keyword bit more) Affected version: unknown Vulnerability file: search_sell.asp; search_hire.asp; search_buy.asp conn.asp Description: This system... | 2010-08-25 |
e107 Content Management System SQL Injection vulnerability exists usersettings.php page | Hits:3 |
e107 is content management system written in php. e107's usersettings.php page SQL Injection vulnerability exists: if ( ret =='') ( Loginname = strip_tags ( _POST ['loginname']); if (! loginname) ( Loginname =... | 2010-08-24 |
TinyBrowser Remote File Upload Vulnerability Analysis | Hits:7 |
Release date :2010-05.27 Posted on: Amxking Affected version: unknown Official Address: http://www.lunarvis.com/products/tinymcefilebrowserwithupload.php Vulnerability Description: Remote File Upload Vulnerability Here we look at upload... | 2010-08-23 |
Upload exploits of a system syWebEditor | Hits:3 |
Keywords: inurl: syWebEditor EXP: / syWebEditor / Sel_UploadFile.asp? Obj = ProPhoto fileType = gif% 7Cjpg% 7Cpng% 7C filePathType = 1 filePath = / PhotoFile / ProFile / poc: http://www.hxhack.com/syWebEditor/Sel... | 2010-08-21 |
|