台州市极速网络CMS /data/log/passlog.php 任意代码执行漏洞

- AV AC AU C I A
发布: 2025-04-13
修订: 2025-04-13

<p>先看根目录当中的login.php</p><pre><code style="margin: 0px; font-family: 'Lucida Console', 'Courier New', Courier, mono, monospace; color: rgb(51, 51, 51); background-color: rgb(248, 248, 248);">&lt;?<br style="margin: 0px; padding: 0px;"> $IS_LOGIN = true;<br style="margin: 0px; padding: 0px;"> require "./includes/headinc.php";<br style="margin: 0px; padding: 0px;"> register_shutdown_function('union_end');<br style="margin: 0px; padding: 0px;"> <br style="margin: 0px; padding: 0px;"> if($action == 'logout') {<br style="margin: 0px; padding: 0px;"> $union_user = $union_pass = $gid = '';<br style="margin: 0px; padding: 0px;"> //clearcookies();<br style="margin: 0px; padding: 0px;"> //$sess_arr = array();<br style="margin: 0px; padding: 0px;"> $_SESSION[sess_arr] = $sess_arr = '';<br style="margin: 0px; padding: 0px;"> session_unregister('sess_arr');<br style="margin: 0px; padding: 0px;"> echo "&lt;meta http-equiv=\"refresh\" content=\"0;url=admin.php\"&gt;";<br style="margin: 0px;...

0%
暂无可用Exp或PoC
当前有0条受影响产品信息