FoosunCms the asp version getshell-a vulnerability warning-the black bar safety net

In the file\User\award\awardAction. asp: | 1 2 3 4 5 6 7 8 9 | Integral=NoSqlHackrequest. QueryString"Integral" ifaction="join"then UserConn. execute"Insert into FSMEUserPrize prizeid,usernumber,awardID values" CintStrprizeID&",'"&session"FSUserNumber"&"'," CintStrawardID&"" 'Get the current numb...

Wind news site management system any changes to password vulnerabilities-vulnerability warning-the black bar safety net

FoosunCMS is a powerful feature of based on ASP+ACCESS/MSSQL architecture of content management software. Vulnerability analysis: In the file\User\ GetPassword. asp: ElseIf Request. Form"Action" = "step3" then //first 2 Line 8 Call step3 ...... Sub step3 //the 1 9 8 row Dim ppassnew,pconfimpassne...