An enterprise Web application upload vulnerability-vulnerability warning-the black bar safety net

ID MYHACK58:62200925723
Type myhack58
Reporter 佚名
Modified 2009-12-26T00:00:00


Author: Dragon shadow VS hx dragons

Looks like Is a very old program even in the Baidu and Google didn't find a program today next to the Note When or unintentionally found that the use of this program website

google. the cn keyword inurl:zhaoshang. asp? bid search to 5 6 Article 3 of the results were acceptable.~ after all is the old program.

Vulnerabilities page upload_flash. asp can upload asp format(looks like you can upload any format) with the capture tool is very simple to upload after the address is applied directly in the root directory of the site.