dedecms content administrator daemon download vulnerability and fix-vulnerability warning-the black bar safety net

ID MYHACK58:62201028546
Type myhack58
Reporter 佚名
Modified 2010-12-12T00:00:00


dedecms in prohibited to upload any file including images when the first script Trojan into a jpg and then transmitted to another station and then use the articles to publish directly to fill in on the picture of the address submitted will automatically put the picturedownloadinto the server and then use the update home page template select the horse path update for . php is to display the horse

Repair solutions:

Here indeed is。。。。

Temporarily remove the Save picture function, wait for the official update