VULHUB ™

### 简要描述： cmseasy后台暴力破解验证码绕过 ### 详细说明： cmseasy [<img src="https://images.seebug.org/upload/201411/12190133c1b88885077168e182fc08cf9735fbe7.jpg" alt="选区_095.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/12190133c1b88885077168e182fc08cf9735fbe7.jpg) 后台登陆请求为: submit=%E6%8F%90%E4%BA%A4&username=admin&password=admin123§156§&expire=&verify=7v111e7&submit=+%E7%99%BB+%E9%99%86+ 清空cookie，服务端就不会验证验证码了。导致暴力破解后台。 [<img src="https://images.seebug.org/upload/201411/1219031871edaf258a859b6b5c645ae78b8a33db.jpg" alt="选区_097.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/1219031871edaf258a859b6b5c645ae78b8a33db.jpg) ### 漏洞证明： [<img src="https://images.seebug.org/upload/201411/1219031871edaf258a859b6b5c645ae78b8a33db.jpg" alt="选区_097.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/1219031871edaf258a859b6b5c645ae78b8a33db.jpg)

### 简要描述： cmseasy后台暴力破解验证码绕过 ### 详细说明： cmseasy [<img src="https://images.seebug.org/upload/201411/12190133c1b88885077168e182fc08cf9735fbe7.jpg" alt="选区_095.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/12190133c1b88885077168e182fc08cf9735fbe7.jpg) 后台登陆请求为: submit=%E6%8F%90%E4%BA%A4&username=admin&password=admin123§156§&expire=&verify=7v111e7&submit=+%E7%99%BB+%E9%99%86+ 清空cookie，服务端就不会验证验证码了。导致暴力破解后台。 [<img src="https://images.seebug.org/upload/201411/1219031871edaf258a859b6b5c645ae78b8a33db.jpg" alt="选区_097.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/1219031871edaf258a859b6b5c645ae78b8a33db.jpg) ### 漏洞证明： [<img src="https://images.seebug.org/upload/201411/1219031871edaf258a859b6b5c645ae78b8a33db.jpg" alt="选区_097.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/1219031871edaf258a859b6b5c645ae78b8a33db.jpg)