eyoucms

前台getshell


https://cloud.tencent.com/developer/article/1690304
/index.php/api/Uploadify/preview
data:image/php;base64,PD9waHAgcGhwaW5mbygpOw==

http://www.lovei.org/archives/EyouCMS-SSTI.html
EyouCMS <1.4.2 任意代码执行漏洞

https://wiki.96.mk/Web%E5%AE%89%E5%85%A8/Eyoucms/Eyoucms%201.4.1%20%E5%89%8D%E5%8F%B0rce/  Eyoucms 1.4.1 前台rce

 

后台登陆后getshell

https://xz.aliyun.com/t/6724   eyoucms后台文件上传漏洞(CNVD-2019-34335)
https://www.cnblogs.com/jinqi520/p/11274699.html 后台RCE
https://www.zhihuifly.com/t/topic/2919 Eyoucms 1.3.5 后台getshell
https://wiki.96.mk/Web%E5%AE%89%E5%85%A8/Eyoucms/Eyoucms%201.4.3%20%E5%90%8E%E5%8F%B0%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E/ Eyoucms 1.4.3 后台代码执行漏洞

 

前台任意文件写入

https://wiki.96.mk/Web%E5%AE%89%E5%85%A8/Eyoucms/Eyoucms%201.4.3%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E5%86%99%E5%85%A5/
Eyoucms 1.4.3 任意文件写入

 

前台SQLI

https://wiki.96.mk/Web%E5%AE%89%E5%85%A8/Eyoucms/Eyoucms%201.3.9%20%E5%89%8D%E5%8F%B0sql%E6%B3%A8%E5%85%A5/

 

后台SQLI

Eyoucms 1.4.2 后台注入
https://wiki.96.mk/Web%E5%AE%89%E5%85%A8/Eyoucms/Eyoucms%201.4.2%20%E5%90%8E%E5%8F%B0%E6%B3%A8%E5%85%A5/

 

后台CSRF

https://wiki.96.mk/Web%E5%AE%89%E5%85%A8/Eyoucms/Eyoucms%201.4.3%20csrf%E6%BC%8F%E6%B4%9E/

 

 

未公开

CNVD-2020-47671(命令执行)
CNVD-2020-44392(命令执行)
CNVD-2020-44391(SQLI)
CNVD-2020-44116(命令执行)
CNVD-2020-33104(文件包含)
CNVD-2020-28083(文件上传)
CNVD-2020-28132(命令执行)
CNVD-2020-25554(文件上传)
CNVD-2020-23486(文件上传)
CNVD-2020-23820(命令执行)
CNVD-2020-23805(文件上传)
CNVD-2020-23229(文件包含)
CNVD-2020-18677(文件上传)
CNVD-2020-18674(命令执行)
CNVD-2020-18735(代码执行)
CNVD-2020-04902(文件上传)
CNVD-2019-47183(命令执行)
CNVD-2019-29661(SQLI)
CNVD-2019-27633(命令执行)
CNVD-2019-27632(文件上传)
CNVD-2019-16796(文件上传)
CNVD-2018-19304(命令执行)

 

 

 

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
posted @ 2021-03-15 22:04  7hang  阅读(629)  评论(0编辑  收藏  举报