shimo.im
47.243.25.188
Public Scan
Submitted URL: https://shimo.im/docs/5xkGMZx0ZeUmpx3X
Effective URL: https://shimo.im/docs/5xkGMZx0ZeUmpx3X/read
Submission: On December 06 via api from US — Scanned from DE
Form analysis
0 forms found in the DOM
Text Content
CVE-2022-44411
Updated November 26, 7:02
Exploit Title: Web Based Quiz System v1.0 is vulnerable to brute force attack
Software Link: https://www.sourcecodester.com/download-code?nid=14727&title=Web+Based+Quiz+System+in+PHP%2FMySQLi+with+Full+Source+Code
Version: v1.0
Description: Web Based Quiz System v1.0 transmits user passwords in plaintext during the authentication process, allowing attackers to obtain users' passwords via a brute-force attack.
STEPS TO REPRODUCE: Try to log in using the input box. Capture the packet and find that the password is transmitted in plaintext, and try to conduct a violent attack. Judge whether it is the correct password according to the different return values.
PATCH RECOMMENDATION: Add rate-limit protection on POST login endpoints/parameters