dedecms any address jump-vulnerability warning-the black bar safety net

ID MYHACK58:62201132613
Type myhack58
Reporter 佚名
Modified 2011-12-17T00:00:00


Brief description: dedecms any address jump

Detailed description:

$link = base64_decode(urldecode($link));

the link can be configured to any address, below to jump directly.


Affect all used to dedecms system website

Vulnerability to prove:

Solution: use parameters to make a judgment, not with the domain name of the jump to be prompted to

Author of the day fish