Cherry enterprise website management system V3.1 vulnerabilities - Vulnerability warning - the black bar safety net

2013-07-07T00:00:00
ID MYHACK58:62201339535
Type myhack58
Reporter Anonymous
Modified 2013-07-07T00:00:00

Description

Vulnerability file: news_category.asp

Set rs = Server.CreateObject("ADODB.Recordset")
sql = "select * from news where category=" & Request.QueryString("id") & " order by id desc"
rs.Open sql, conn, 1, 1
If rs.EOF Then

Vulnerability cause: the id query-string parameter is not filtered before it is concatenated into the SQL statement.
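A hardened form of the news_category.asp query, as an added example that is not from the original advisory or the vendor's code: the id value is checked against a digits-only allow-list and bound as a typed ADO parameter instead of being concatenated into the statement. It assumes conn is the already-open ADODB.Connection used by the original page and that news.category is an integer column.

```asp
<%
' Added example, not the vendor's code.
' Assumptions: "conn" is the open ADODB.Connection used by the original
' page, and news.category is an integer column.
Const adInteger = 3, adParamInput = 1
Const adCmdText = 1
Const adOpenKeyset = 1, adLockReadOnly = 1

Dim re, rawId, cmd, rs

' Force the request value to a plain string (empty if the key is absent).
rawId = Trim(Request.QueryString("id") & "")

' Allow-list: 1 to 9 decimal digits only, so CLng below cannot overflow
' and values such as "1 or 1=1" or "1;drop ..." are rejected outright.
Set re = New RegExp
re.Pattern = "^\d{1,9}$"
If Not re.Test(rawId) Then
    Response.Status = "400 Bad Request"
    Response.End
End If

' The value travels as a typed parameter and never becomes SQL text.
Set cmd = Server.CreateObject("ADODB.Command")
Set cmd.ActiveConnection = conn
cmd.CommandType = adCmdText
cmd.CommandText = "select * from news where category = ? order by id desc"
cmd.Parameters.Append cmd.CreateParameter("category", adInteger, adParamInput, , CLng(rawId))

' Same cursor and lock types as the original rs.Open sql, conn, 1, 1.
' The connection argument is omitted because the Command already has one.
Set rs = Server.CreateObject("ADODB.Recordset")
rs.Open cmd, , adOpenKeyset, adLockReadOnly

If rs.EOF Then
    Response.Write "No news in this category."
End If
%>
```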

Vulnerability file: admin_delete.asp

Vulnerability cause: seeion.asp is not included

Arbitrary administrator account deletion vulnerability: the page performs no permission check, you know.

Method of use: http:\\www.hackq1990.com\admin\admin_delete.asp?id=1

Vulnerability file: admin_modify.asp

Vulnerability cause: seeion.asp is not included

Arbitrary administrator modification vulnerability, including the password; even the injection and password-decryption steps can be skipped.

Method of use: http:\\www.hack1990.com\admin\admin_modify.asp?id=1

Shell method: the editor is FCK; you know how to do it.

Failing that, there is the one-liner written into the site configuration file.