Lucene search
K

3 matches found

myhack58
myhack58
added 2011/07/20 12:0 a.m.19 views

YxShop easy to shopping Mall fckeditor upload vulnerability-vulnerability warning-the black bar safety net

YxShop 是 国内 首家 ASP.NET 免费 开源 商城 购物 系统 是 易 想 团队 自主 研发 的 基于 Asp.Net+C+SQL B2C online store system, with open source, high-speed, stability, security and other characteristics, can be free to add channels, as long as understood website General knowledge of webmasters can easily use the easy to Mall...

0.3AI score
Exploits0
seebug.org
seebug.org
added 2011/07/19 12:0 a.m.32 views

YxShop易想购物商城4.7.1版本任意文件上传漏洞

简要描述: 这个号称中国首家ASP.NET免费开源商城购物系统。最新版本是4.7,竟然采用2.4版本以下的fckeditor编辑器。所以可以直接上传任意文件。 详细说明: 其他版本我没测试,估计也是一样的问题 http://127.0.0.1/controls/fckeditor/editor/filemanager/browser/default/browser.html?Type=../&Connector=connectors/aspx/connector.aspx 跳转到网站根目录上传任意文件。 漏洞证明:...

7AI score
Exploits0
myhack58
myhack58
added 2011/07/17 12:0 a.m.12 views

YxShop easy to Shopping Mall 4. 7. 1 version arbitrary file upload vulnerability-vulnerability warning-the black bar safety net

Author: Konstantin Tonight happened to come across this app, went to search a bit and found that with people quite a lot. Also no search to the hackers published the program of the vulnerability, so the lower the source code, find the fckeditor folder, look at its directory structure is there wit...

0.7AI score
Exploits0
Rows per page
Query Builder