DedeEIMS /include/common.inc.php 登陆绕过漏洞

No description provided by source...

DedeEIMS v1. 1 storm background path-vulnerability warning-the black bar safety net

includedialogconfig.php //Test user login status $cuserLogin = new 'userLogin' ; if$cuserLogin-getUserID==-1 if$cuserLogin-adminDir==" exit'Request Error!'; $gurl = "../../$cuserLogin-adminDir/login. php? gotopage=". urlencode$dedeNowurl; echo ""; exit; http://www.xxx.com/include/dialog/config.ph...