Siteserver CMS is the latest batch to take Station 0DAY-vulnerability warning-the black bar safety net

2011-04-27T00:00:00
ID MYHACK58:62201130222
Type myhack58
Reporter 佚名
Modified 2011-04-27T00:00:00

Description

SiteServer CMS Web Content Management System(copyright registration number 2008SR15710 is positioned in the high-end market of CMS, content management system, it is possible to the lowest cost, minimal human input in the shortest period of time to set up a fully functional, excellent performance, large-scale website platform.

SiteServer CMS 是 基于 微软 .NET platform development of web content management system, which integrates the content release management, MultiSite management, timing, content acquisition, timing generation, multi-server publishing, search engine optimization, traffic statistics and many other powerful features, the original STL template language, through the Dreamweaver visual plugins to be able to edit any page, display style, generating pure static pages.

----------------------------------------------------------------

The exploit: the

Register a lvbaowang. asp user login after the upload change the name of the back door on the line.

Registered address: http://www. lvbaowang. com/UserCenter/register. aspx

The back door path: http://www.lvbaowang.com//UserFiles/lvbaowang.asp/lvbaowang.jpg

The use of an IIS parsing vulnerabilities simple! Microsoft to bring desktop convenience, also come the dangers.

Batch keywords:

Powered by SiteServer

Or

Beijing hundred content thousand domain software Technology Development Co., Ltd. All rights reserved