finecmsV5.0.8 \finecms\dayrui\controllers\member\Account.php getshell

Vulnerability in the file C:\phpStudy\WWW\finecms\dayrui\controllers\member\Account. in php upload function public function upload // Create the picture storage folder $dir = SYSUPLOADPATH.'/ member/'.$ this-uid.'/'; @drdirdelete$dir; ! isdir$dir && drmkdirs$dir; if $POST'tx' $file = strreplace' ...

finecmsV5.0.8 \finecms\dayrui\controllers\Api.php getshell

Vulnerability in the C:\phpStudy\WWW\finecms\dayrui\controllers\Api. in php data2 function, approximately in the line 115, the problematic code about 178 rows public function data2 $data = array; // Route authentication if defined'SYSREFERER' && strlenSYSREFERER $http = $SERVER'HTTPREFERER' ?...