Nginx %00空字节执行任意代码(php)漏洞

Ngnix在遇到%00空字节时与后端FastCGI处理不一致,导致可以在图片中嵌入PHP代码然后通过访问xxx.jpg%00.php来执行其中的代码 影响版本: nginx 0.5.* nginx 0 ...
漏洞情报
9,135

DVD X Player 5.5 Professional (.plf) Universal Buffer Overflow

$shellcode = $shellcode . "x89xe5xd9xc2xd9x75xf4x5dx55x59x49x49x49x49x43". "x43x43x43x43x43x51x5ax56 ...
漏洞情报
5,304

恢复Myfiles中3.8.4.3300的DLL劫持漏洞

# Tested on : win SP2 + SP3 Fr / Back | Track 5 fr ################################################ ...
漏洞情报
4,793

FCKeditor编辑器全部版本另类上传漏洞(转)

转自Fans内二货的博客,源地址:http://honglousy.blog.sohu.com/182654619.html FCKeditor all versian Arbitrary File ...
技术文章
5,631

RealVNC的验证绕道

require 'msf/core' class Metasploit3 < Msf::Auxiliary include Msf::Exploit::Remote::Tcp ...
漏洞情报
5,423

极瑞企业网站系统爆库

默认后台:admin/login.asp 默认数据库:database/%23zhiyuan_date_1003.mdb 官方演示站:http://www.li07.com/demo/01/ 漏洞文件 ...
技术文章
4,897

曼波4.6.5 CSRF的Vuln(更改管理员密码)

ExpLo!T : <html> <head> </head> <body onload="javascript:fireForms()"> &lt ...
漏洞情报
5,355

近期评论

现在登录