路漫漫其修远兮

yccms - Sql Injection

Vulnerability Report: yccms 3.3 sql injection This paper describes yccms(yccms is a PHP version of lightweight CMS station building system, the program page design is simple, generate static html, powerful background functions, conducive to optimization, super-strong collection, super-strong ranking, suitable for keyword ranking, Taobao guest program, is an ideal choice for individuals and enterprises to build a station. Sql injection vulnerability in the project, no_top function’s improper judgment of the request parameters, triggering a sql injection vulnerability Test Environment yccms: 3.3 website: http://www.yccms.net/ php: 7.2.9 os and hardware: Mac OS X 10_12_6 Vulnerability Location The vulnerability lies in the index......

yccms - Directory Traversal

Vulnerability Report: yccms 3.3 Directory Traversal This paper describes yccms(yccms is a PHP version of lightweight CMS station building system, the program page design is simple, generate static html, powerful background functions, conducive to optimization, super-strong collection, super-strong ranking, suitable for keyword ranking, Taobao guest program, is an ideal choice for individuals and enterprises to build a station. Directory traversal vulnerability in the project, delete, deletesite, deleteAll function’s improper judgment of the request parameters, triggering a directory traversal vulnerability Test Environment yccms: 3.3 website: http://www.yccms.net/ php: 7.2.9 os and hardware: Mac OS X 10_12_6 Vulnerability Location The vulnerability lies in......

cmswing - Code Execution

Vulnerability Report: cmswing 1.3.8 code execution This paper describes an code execution vulnerability in cmswing project. Because the function log does not check the parameter log, malicious parameters can cause code execution in the process of user replenishment Cmswing https://github.com/arterli/CmsWing is a powerful electronic commerce platform and CMS station building system based on ThinkJS (Node.js MVC) and MySQL (PC, mobile and Wechat Public Platform) Test Environment cmswing: 1.3.8 github: https://github.com/arterli/CmsWing stars: 1094 nodejs: 11.10.0 mysql: 5.7.27 OS and hardware: Mac OS X 10_12_6 Vulnerability Location The vulnerability lies in the log function in the cmswing/src/mode/action.js async log(action, model, record_id, user_id,......

thinkjs - sql注入漏洞分析

Vulnerability Report: Thinkjs Blind SQL Injection 本文档描述了Thinkjs project的一个盲注漏洞,由于关系数据库中model.increment(field, step) 和 model.decrement(field, step)函数对step的参数缺少检查,恶意的参数可以导致程序在处......