3 matches found
DeDeCMS < 5.7-sp1 - Remote File Inclusion
========================== Exploit Title: Dedecms variable coverage leads to getshell Date: 26-06-2015 Vendor Homepage: http://www.dedecms.com/ Version: dedecms 5.7-sp1 and all old version CVE : CVE-2015-4553 =========================== CVE-2015-4553Dedecms variable coverage leads to getshell...
DeDeCMS 5.7-sp1 - Remote File Inclusion
DeDeCMS 5.7-sp1 - Remote File Inclusion ========================== Exploit Title: Dedecms variable coverage leads to getshell Date: 26-06-2015 Vendor Homepage: http://www.dedecms.com/ Version: dedecms 5.7-sp1 and all old version CVE : CVE-2015-4553 =========================== CVE-2015-4553Dedecms...
DeDeCMS(织梦) 变量覆盖(CVE-2015-4553)
简要描述: 1.受影响版本DEDECMS 5.7、5.6、5.5。 2.漏洞文件/include/common.inc.php 3.DEDECMS的全局变量初始化存在漏洞,可以任意覆盖任意全局变量。 漏洞危害: 1.黑客可以通过此漏洞来重定义数据库连接。 2.通过此漏洞进行各种越权操作构造漏洞直接写入webshell后门。 !usr/bin/php -w 12 echo " Exploit Success \n"; if$aid==1echo " Shell:".$url."/$path/data/cache/fuck.php\n" ; if$aid==2echo "...