TPshop 后台代码执行漏洞

0x01 说明 TPshop开源商城系统 Thinkphp shop的简称 ，是深圳搜豹网络有限公司开发的一套多商家模式的商城系统。适合企业及个人快速构建个性化网上商城。包含PC+IOS客户端+Adroid客户端+微商城，系统PC+后台是基于ThinkPHP5 MVC构架开发的跨平台开源软件，设计得非常灵活，具有模块化架构体系和丰富的功能，易于与第三方应用系统无缝集成，在设计上，包含相当全面，以模块化架构体系，让应用组合变得相当灵活，功能也相当丰富。 下载地址：http://www.tp-shop.cn/Index/Index/download.html 目录大概结构 ├─index.p...

TPshop open source mall system 2.0 eval-stdin.php file there is a backdoor default vulnerability

TPshop open source mall system Thinkphp shop for short , is a set of Shenzhen Soleil Networks Ltd. developed a set of multi- merchant model of the mall system . TPshop open source mall system 2.0 eval-stdin.php file has a backdoor vulnerability . Attackers send POST requests containing malicious...

TPshop 2.0 Backend SQL Injection Vulnerability in Multiple Different Page Parameters

TPshop open source mall system Thinkphp shop for short , is a set of Shenzhen Soleil Networks Ltd. developed a set of multi- merchant model of the mall system . TPshop 2.0 background parameters of a number of different pages mobile, id and orderby the existence of SQL injection leaks , allowing...