phpwind9. 0 Cloud Platform is a plug-in arbitrary code execution-vulnerability warning-the black bar safety net

ID MYHACK58:62201337901
Type myhack58
Reporter 佚名
Modified 2013-03-23T00:00:00


phpwind9. 0 drags finally released, looks very NB look, but is actually who with who knows ,all kinds of bugs everywhere, a variety of error...this is an example, pass to kill type..., the official does not fix on my own with the new version possibly?..

Detailed description:


Sign of the times, in a custom I want to that place, write a few quotes, and then on the Cup..after the submission, direct message the absolute path..

Vulnerability to prove:


Unfiltered, direct access to the content item, then a syntax error Umm, I good boy, as there is also able to expressive the horse, not wide who know..

Repair solutions:

The appropriate filter or something. it.