
Other Common Web Application Vulnerabilities


wings


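1. Brute-force guessing of usernames and passwords
2. Scanning for sensitive directories and backup files
3. The phpMyAdmin "universal password"
4. Images on error pages can also carry reflected XSS
5. Hidden form fields may contain plaintext passwords
6. Logic flaw: arbitrary user password reset
7. SMS bombing
8. SVN source code disclosure
9. Scanning for LAN shares
10. Pay attention to less mainstream vulnerabilities, such as HTTP response splitting
11. Port scanning
12. Discovering hidden link addresses
13. Discovering test pages that allow unauthorized access
14. IIS short file name disclosure vulnerability
15. XSS vulnerability in jQuery
16. Directory browsing vulnerability
17. URL redirection vulnerability
18. Frame phishing vulnerability
19. Unencrypted login request
20. HTTP header tracing vulnerability
21. DNS zone transfer vulnerability
22. Private IP address disclosure
23. Web physical path information disclosure vulnerability
24. System reinstallation vulnerability
25. Arbitrary file download
About the OpenSSL Heartbleed vulnerability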


————————————————
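Copyright notice: This article is an original work by CSDN blogger 「温柔小薛」 and is licensed under CC 4.0 BY-SA. When reposting, please include a link to the original source and this notice.
Original link: https://blog.csdn.net/weixin_43079958/article/details/105741417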
