phpshe v1.1 do.php 存在sql注入(导致可绕过后台登录)

Basic Fields

SSV ID:
SSV-91190
Find Time:
Unknown
Submit Time:
2016-03-29
Level:
Category:
SQL 注入
Component:
PHPSHE
Author:
Unknown
Submitter:
watcher
CVE-ID:
Add
CNNVD-ID:
Add
CNVD-ID:
Add
ZoomEye Dork:
Add

Source

Login to see

Detail

Contributor watcher Got  1KB
Login to see
websec80 have 1  exchange

PoC (pocsuite 插件) (pocsuite 插件)

Contributor Bugfix totally have   0KB
Login to see
have 0 Exchange

Reference Linking

Login to see

Solutions

Login to see

Timeline

  • 发现/披露了漏洞
  • watcher
    2016-03-29 提交了漏洞
  • watcher
    2016-03-29 提交补充了漏洞详情
  • Hcamael
    2016-04-13 提交更新了 PoC
  • Bugfix
    2016-04-26 提交更新了 PoC

Related Vuls

Popularity 2532
Need to bind phone before comment. Bind Now

Unavailable Comments

※Any content provided by this site, only to learn the code and services, not for illegal purposes

京ICP备10040895号 京公网安备 11010502034610号 Copyright @ 404 Team from Knownsec. 简体中文