### 简要描述: 某教育门户CMS存在命令执行漏洞 ### 详细说明: 漏洞厂商:上海释锐教育软件有限公司 漏洞程序:释锐自助建站系统(门户网站系统 http://www.threeoa.com/product/501.html 部分案例: www.jmsyz.net/eeoaftp/downloadFile.action www.zichang.sh.cn/eeoaftp/downloadFile.action www.sipras.net/eeoaftp/downloadFile.action www.mzlyz.cn/eeoaftp/downloadFile.action ssd3.31390.com/eeoaftp/downloadFile.action www.xiezhengyong.net/eeoaftp/downloadFile.action 利用: [<img src="https://images.seebug.org/upload/201409/27172946800dd68a0dc33a00222a8bb1d35152f9.jpg" alt="1.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201409/27172946800dd68a0dc33a00222a8bb1d35152f9.jpg) [<img src="https://images.seebug.org/upload/201409/2717295965968ff6a989aa17a8d033502ba88c5d.jpg" alt="2.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201409/2717295965968ff6a989aa17a8d033502ba88c5d.jpg) [<img src="https://images.seebug.org/upload/201409/27173008f73e4ffd8c6af5ef0951e29e4a00b126.jpg" alt="3.jpg"...
### 简要描述: 某教育门户CMS存在命令执行漏洞 ### 详细说明: 漏洞厂商:上海释锐教育软件有限公司 漏洞程序:释锐自助建站系统(门户网站系统 http://www.threeoa.com/product/501.html 部分案例: www.jmsyz.net/eeoaftp/downloadFile.action www.zichang.sh.cn/eeoaftp/downloadFile.action www.sipras.net/eeoaftp/downloadFile.action www.mzlyz.cn/eeoaftp/downloadFile.action ssd3.31390.com/eeoaftp/downloadFile.action www.xiezhengyong.net/eeoaftp/downloadFile.action 利用: [<img src="https://images.seebug.org/upload/201409/27172946800dd68a0dc33a00222a8bb1d35152f9.jpg" alt="1.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201409/27172946800dd68a0dc33a00222a8bb1d35152f9.jpg) [<img src="https://images.seebug.org/upload/201409/2717295965968ff6a989aa17a8d033502ba88c5d.jpg" alt="2.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201409/2717295965968ff6a989aa17a8d033502ba88c5d.jpg) [<img src="https://images.seebug.org/upload/201409/27173008f73e4ffd8c6af5ef0951e29e4a00b126.jpg" alt="3.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201409/27173008f73e4ffd8c6af5ef0951e29e4a00b126.jpg) ### 漏洞证明:
