代码审计:discuz x3.0以及discuz x2.5 最新10多个爆路径集合 | discuz x2.5下载

DISCUZ X3.0

Seay代码审计系统漏洞报告

审计结果:发现可疑漏洞总数:10个

ID漏洞描述文件路径漏洞详细

1存在敏感信息泄露漏洞

http://localhost/discuz3//api.php?mod[]=Seay

<br /> <b>Warning</b>: array_key_exists() [<a href='function.array-key-exists'>function.array-key-exists</a>]: The first argument should be either a

2存在敏感信息泄露漏洞

http://localhost/discuz3//api/addons/zendcheck.php

<br /> <b>Warning</b>: Unterminated comment starting line 3 in <b>G:wampwwwdiscuz3apiaddonszendcheck53.php</b> on line <b>3</b><br />

3存在敏感信息泄露漏洞

http://localhost/discuz3//api/addons/zendcheck52.php

<br /> <b>Warning</b>: Unterminated comment starting line 3 in <b>G:wampwwwdiscuz3apiaddonszendcheck52.php</b> on line <b>3</b><br />

4存在敏感信息泄露漏洞

http://localhost/discuz3//api/addons/zendcheck53.php

<br /> <b>Warning</b>: Unterminated comment starting line 3 in <b>G:wampwwwdiscuz3apiaddonszendcheck53.php</b> on line <b>3</b><br />

5存在敏感信息泄露漏洞

http://localhost/discuz3//source/plugin/mobile/api/1/index.php

<br /> <b>Warning</b>: require_once(source/class/helper/helper_open.php) [<a href='function.require-once'>function.require-once</a>]: failed to open

6存在敏感信息泄露漏洞

http://localhost/discuz3//source/plugin/mobile/extends/module/dz_digest.php

<br /> <b>Fatal error</b>: Class ‘extends_data’ not found in <b>G:wampwwwdiscuz3sourcepluginmobileextendsmoduledz_digest.php</b> on line <b>

7存在敏感信息泄露漏洞

http://localhost/discuz3//source/plugin/mobile/extends/module/dz_newpic.php

<br /> <b>Fatal error</b>: Class ‘extends_data’ not found in <b>G:wampwwwdiscuz3sourcepluginmobileextendsmoduledz_newpic.php</b> on line <b>

8存在敏感信息泄露漏洞

http://localhost/discuz3//source/plugin/mobile/extends/module/dz_newreply.php

<br /> <b>Fatal error</b>: Class ‘extends_data’ not found in <b>G:wampwwwdiscuz3sourcepluginmobileextendsmoduledz_newreply.php</b> on line <

9存在敏感信息泄露漏洞

http://localhost/discuz3//source/plugin/mobile/extends/module/dz_newthread.php

<br /> <b>Fatal error</b>: Class ‘extends_data’ not found in <b>G:wampwwwdiscuz3sourcepluginmobileextendsmoduledz_newthread.php</b> on line

10存在敏感信息泄露漏洞

http://localhost/discuz3//uc_server/control/admin/db.php

<br /> <b>Fatal error</b>: Class ‘adminbase’ not found in <b>G:wampwwwdiscuz3uc_servercontroladmindb.php</b> on line <b>3</b><br />

Seay代码审计系统

Discuz x2.5

Seay代码审计系统漏洞报告

审计结果:发现可疑漏洞总数:7个

ID漏洞描述文件路径漏洞详细

1存在敏感信息泄露漏洞

http://localhost/discuz//api.php?mod[]=Seay

<br /> <b>Warning</b>: array_key_exists() [<a href='function.array-key-exists'>function.array-key-exists</a>]: The first argument should be either a

2存在敏感信息泄露漏洞

http://localhost/discuz//install/include/install_lang.php

<br /> <b>Notice</b>: Use of undefined constant SOFT_NAME – assumed ‘SOFT_NAME’ in <b>G:wampwwwdiscuzinstallincludeinstall_lang.php</b> on line

3存在敏感信息泄露漏洞

http://localhost/discuz//source/plugin/mobile/extends/module/dz_digest.php

<br /> <b>Fatal error</b>: Class ‘extends_data’ not found in <b>G:wampwwwdiscuzsourcepluginmobileextendsmoduledz_digest.php</b> on line <b>9

4存在敏感信息泄露漏洞

http://localhost/discuz//source/plugin/mobile/extends/module/dz_newpic.php

<br /> <b>Fatal error</b>: Class ‘extends_data’ not found in <b>G:wampwwwdiscuzsourcepluginmobileextendsmoduledz_newpic.php</b> on line <b>9

5存在敏感信息泄露漏洞

http://localhost/discuz//source/plugin/mobile/extends/module/dz_newreply.php

<br /> <b>Fatal error</b>: Class ‘extends_data’ not found in <b>G:wampwwwdiscuzsourcepluginmobileextendsmoduledz_newreply.php</b> on line <b

6存在敏感信息泄露漏洞

http://localhost/discuz//source/plugin/mobile/extends/module/dz_newthread.php

<br /> <b>Fatal error</b>: Class ‘extends_data’ not found in <b>G:wampwwwdiscuzsourcepluginmobileextendsmoduledz_newthread.php</b> on line <

7存在敏感信息泄露漏洞

http://localhost/discuz//uc_server/control/admin/db.php

<br /> <b>Fatal error</b>: Class ‘adminbase’ not found in <b>G:wampwwwdiscuzuc_servercontroladmindb.php</b> on line <b>3</b><br />

Seay代码审计系统

  

爱华网本文地址 » http://www.413yy.cn/a/25101012/115361.html

更多阅读

玩转小米:2 破解小米收费主题等的最新方法

玩转小米:[2]破解小米收费主题等的最新方法——简介 小米官方主题授权已改变机制,笔者之前发布的破解方法已经失效。但,上有政策,下有对策,不要低估我们米粉的力量!现已有最新的破解方法,亲测可行! 本经验就介绍一下:破解小米商店收费主题等

大灾变:新祖尔格拉布5人英雄攻略

简介:祖爾格拉布,以前是 60級的 20 人 RAID 副本,現在已變成一個 5人的英雄副本。座落於北荊棘谷的一個大型戶外的副(可使用地面座騎)。因為玩家擊敗了邪神哈卡,暗矛食人妖的回歸,沃金與他的部族奪回了自己的領地,並定居在祖爾格拉布,現在

UG安装方法:1 UG8.0安装技巧

UG安装方法:[1]UG8.0安装技巧——简介UG8.0被广泛应用在编程、产品造型、模具设计等工业设计领域,有很多小伙伴在安装完8.0软件后,出现打不开的现象;今天咱们就来讲解下关于UG8.0软件的安装技巧;(我电脑系统为win8,附带有安装视频)UG安装

声明:《代码审计:discuz x3.0以及discuz x2.5 最新10多个爆路径集合 | discuz x2.5下载》为网友寂寞寂寞就好了分享!如侵犯到您的合法权益请联系我们删除