Zhuo Xun intelligent site management system EmteEasySite
Official website:http://www. emte. com. cn/
Technical support:Zhuo Information Technology
Directly into the background to see the copyright is not EmteEasy system
The default database address can be downloaded
After downloading open directly see the AdminUser table
See column AName2 and Apass2 view administrator plaintext account password
PS:(the account number in front is the md5 encryption behind it out the plaintext for? Puzzled him what it was thinking)
Editor upload vulnerability
http://www.xxoo.com/! Emte%5E=. Editor/adminlogin. asp
Directly press ewebeditor AdminCP-style Manager-set-add aaspsp format you can break the filter upload
Just add a’it will burst vulnerability.
Readily available to. D to the injection.
Column account: aname2 password apsss2
Into the background some version supports database backup directly with opera to see the source code to modify the backup address into your picture script of the address.
Some versions have no database backup that kind of tragedy,you can try to use the editor vulnerability to get a shell to!