wms
wms copied to clipboard
FeMiner
企业仓库管理系统
A RCE was found in system/datarec.php, the `$_POST[r_name]` is directly passed into the $mysqlstr, and is executed by exec, which causing a RCE.  POC: Firstly, start a nc listener:...
Hey there! I belong to an open source security research community, and a member (@wtwver) has found an issue, but doesn’t know the best way to disclose it. If not...
Vulnerability Type : --- Command execution Vulnerability Version : --- 1.1 Recurring environment: --- Windows Server 2012 PHP 5.5.38 Apache 2.4 Mysql 5.6 Vulnerability Description AND recurrence: --- During installation,...
SQL injection in http://localhost/wms/src/basic/editinout.php The GET parameter "id" is passed without filtering to SQL sentence which causes the vulnerability.
A critical SQL Injection vulnerability was found in chkuser.php. The parameter "username" is passed without filtering to SQL sentence which causes the vulnerability. Hackers can exploit it without authority to...
Warning: mysql_connect(): Access denied for user 'root'@'localhost' (using password: YES) in D:\phpstudy_pro\WWW\wms\conn\conn.php on line 2 数据库服务器连接错误Access denied for user 'root'@'localhost' (using password: YES)
