Skip to content

Scripts

chybeta edited this page Jan 17, 2018 · 35 revisions

列表

TYPE SCRIPT DESCRIPTION
phpcms v960_sqlinject_getpasswd phpcmsv9.6.0 wap模块 sql注入 获取passwd
icms v701_sqlinject_getadmin icmsv7.0.1 admincp.php sql注入 后台任意登陆 admin权限
discuz v34_delete_arbitary_files discuz ≤ v3.4 任意文件删除
beecms v40_fileupload_getshell beecms ≤ V4.0_R_20160525 文件上传漏洞 getshell
semcms v23_sqlinject_getadmin semcms ≤ V2.3 sql注入 后台任意登陆 admin权限
joomla v370_sqlinject_getuser Joomla v3.7.0 sql注入 com_fields组件
drupal v833_yamlseria_getshell Drupal ≤ v8.3.3 yaml反序列化 远程命令执行漏洞 getshell
phpoko v47_fileupload_getshell phpok ≤ v4.7 文件上传漏洞 getshell
seascms v655_eval_getshell seacms ≤ v6.5.5 eval过滤不当 任意代码执行漏洞 getshell
seascms v654_eval_getshell seacms ≤ v6.5.4 eval过滤不当 任意代码执行漏洞 getshell
seascms v654_eval_getshell seacms ≤ v6.5.4 eval过滤不当 任意代码执行漏洞 getshell
niushop v111_fileupload_getshell niushop ≤ v1.1.1 文件上传漏洞 getshell
exponent v238_fileupload_getshell exponent≤ v2.3.8 文件上传漏洞 getshell CVE-2016-7095
exponent v239_install_getshell exponent≤ v2.3.9 配置文件写入漏洞 getshell CVE-2016-7565
tpshop v208_preview_getshell tpshop ≤ v2.0.8 preview页面 getshell
fiyocms v207_fileupload_getshell fiyocms≤ v2.0.7 文件上传漏洞 getshell CVE-2017-7625
fiyocms v207_fileread_getconfig fiyocms≤ v2.0.7 任意文件读取漏洞 获取config.php信息 CVE-2017-17104
duomicms v132_sqlinject_getpasswd duomicms ≤ v1.3.2 sql注入 获取passwd
duomicms v132_eval_getshell duomicms ≤ v1.3.2 search.php eval过滤不当 任意代码执行漏洞 getshell
zzcms v81_sqlinject_getpasswd zzcms≤ v8.1 sql注入 获取passwd
appcms v20101_backdoor_getshell appcms = v2.0.101 content_list.php后门 getshell
axublog v106_sqlinject_getpasswd axublog ≤ v1.0.6 hit.php sql注入 获得账号密码
axublog v106_sqlinject_getadmin axublog ≤ v1.0.6 ad/login.php sql注入 后台管理员登陆
easycms v11_sqlinject_getpasswd easycms ≤ v1.1 PersonAction.class.php sql注入漏洞 获取passwd
opensns v280_fileupload_getshell opensns ≤ v2.8.0 uploadPictureBase64.html 文件上传漏洞 getshell
iwebshop v46_sqlinject_getpasswd iwebshop ≤ 4.6 sql注入 获得管理员账号密码
siteserver v364_unauth_getpasswd siteserver ≤ 3.6.4 未授权访问 获得管理员账号密码

分类

  • v960_sqlinject_getpasswd
  • v34_delete_arbitary_files
  • v701_sqlinject_getadmin
  • v40_fileupload_getshell
  • v23_sqlinject_getadmin
  • v370_sqlinject_getuser
  • v833_yamlseria_getshell
  • v47_fileupload_getshell
  • v655_eval_getshell
  • v654_eval_getshell
  • v645_eval_getshell
  • v111_fileupload_getshell
  • v238_fileupload_getshell
  • v239_install_getshell
  • v208_preview_getshell
  • v132_sqlinject_getpasswd
  • v132_eval_getshell
  • v207_fileupload_getshell
  • v207_fileread_getconfig
  • v81_sqlinject_getpasswd
  • v20101_backdoor_getshell
  • v106_sqlinject_getpasswd
  • v106_sqlinject_getadmin
  • v11_sqlinject_getpasswd
  • v280_fileupload_getshell
  • v46_sqlinject_getpasswd
  • v364_unauth_getpasswd