Any I line CRM permissions, bypass, upload, XSS, SQL injection variety of simple test-vulnerability warning-the black bar safety net

2014-01-19T00:00:00
ID MYHACK58:62201441891
Type myhack58
Reporter 佚名
Modified 2014-01-19T00:00:00

Description

Any I line CRM system permissions, bypass, upload, XSS, aSQL injectiona variety of simple test

A company's internal network using this system, The first see you to, see the WEB application could not help but hand base~~

1, upload Personal platform inside the write internal messages when uploading attachments, the many types without filtering, such as asa, cdx, of course, no filter xx. asp;x. jpg this format:

! 1

Find the address:

! 1

Get a shell:

! 1

2, theXSS Occurs in many places, the screenshots for the truncated e-mail message header here:

! 1

3, permissions, bypass

There may be friends do not have employee accounts to the system these are no way to use Ah! Not enough! This app has permission to bypass the~~direct access to: http://192.168.0.88/crm/Message/ExMailSend.asp?UID=&AccountID=&MailID=1&IsPrivate=1&OperateType=ReSend&TimeID=0.13946238309452646 into the write message interface, you can upload, canXSS, and of course a permission to bypass the soon it happens here, a lot of pages have the right to limit bypass:

! 1

[1] [2] next