Signaling network of independently developed web site source code vulnerability-vulnerability warning-the black bar safety net

ID MYHACK58:62201234072
Type myhack58
Reporter 佚名
Modified 2012-06-11T00:00:00


Google search inurl:product1. asp? tyc=

Editor vulnerability the default background ubbcode/admin_login. asp

Database ubbcode/db/ewebeditor. mdb

The default account password yzm 1 1 1 1 1 1

Get the webshell method

Landing back click on the“style management”-select the new style just to write this things we do on the line style name:scriptkiddies

Feel free to write path mode: select absolute path to the image type: gif|jpg|jpeg|bmpasp|asa|aaspsp|cer|cdx

A picture type such as is that we want to upload ASP Trojan format

Upload path:/

Picture limit: write 1 0 0 0 free of ON not We of asp Trojan upload content do not write

Then we can have submitted you can see the style increased success! Then we press-and-return style of management find just add the style name and then press the toolbar, press the new toolbar and then press the-button to set the optional buttons to select the Insert a picture and then press on-and then save the settings

And then the web address bar directly input ubbcode/Upload. asp? action=save&type=&style=scriptkiddies

On our ASP Trojan enter you can wait until the path