3 matches found
SiteStar the establishment of the station star V2. 0 security-vulnerability warning-the black bar safety net
author: cnryan 1vulnerability overview: SiteStar V2. 0 does not properly restrict file uploads, a remote attacker could exploit this vulnerability to upload arbitrary files to the Web directory, The final result in the server executing arbitrary commands. 2vulnerability analysis: Vulnerability is...
The establishment of the station star SiteStar V2. 0 Upload vulnerability-vulnerability warning-the black bar safety net
SiteStar V2. 0 does not properly restrict file uploads, a remote attacker could exploit this vulnerability to upload arbitrary files to the Web directory, The final result in the server executing arbitrary commands. Vulnerability is generated in the /script/multiupload/uploadify. php file: ? php ...
SiteStar V2.0 任意文件上传漏洞
SiteStar V2.0没有正确限制文件的上传,远程攻击者可能利用此漏洞上传任意文件到Web目录,最终导致在服务器上执行任意命令。 /script/multiupload/uploadify.php 文件: ?php if !empty$FILES $tempFile = $FILES'Filedata''tmpname'; $targetPath = $SERVER'DOCUMENTROOT' . $POST'folder' . '/'; $targetFile = strreplace'//','/',$targetPath . $FILES'Filedata''name'; //...