ecshop 依然存在爆路径漏洞

2012-05-23T00:00:00
ID SSV:93515
Type seebug
Reporter Root
Modified 2012-05-23T00:00:00

Description

简要描述:

详细说明:

ecshop 依然存在爆路径漏洞 (另求乌云邀请码 )

漏洞证明:

<img src="https://images.seebug.org/upload/201205/2310412430b033058e537cd4aa361b90217725e1.jpg" alt="" width="600" onerror="javascript:errimg(this);">

http://www.ecshop.cn/respond.php?code=cod&attach=voucher&sp_billno=1%20and%201=2