Cute Editor online editor local include vulnerability xday-vulnerability warning-the black bar safety net

ID MYHACK58:62201027176
Type myhack58
Reporter 佚名
Modified 2010-06-12T00:00:00


First, the vulnerability description: CuteEditor for ASP. NET is built on an Html Foundation, most easy-to-use, most powerful WYSIWYG Asp. net online editor. CuteEditor can help Asp. net developers to easily on the original text box(Textarea)content(including text, images and other Html content)for editing, more important is the content editor is a WYSIWYG way. CuteEditor also integrates a file(including pictures, documents, etc.) is uploaded, the media(including video, sound, etc.) file directly into the other for you to be very practical modules. But in the Load. ashx file, not the file parameter is processed, you can load any file. Second, the official address: <> <> Three, use methods: config