TinyShop: inadequate fix allows injection again (all versions)

Published: 2025-04-13
Revised: 2025-04-13

### Brief description

When the vulnerability at http://www.wooyun.org/bugs/wooyun-2014-068153 was fixed, the handling was inadequate: it addressed the symptom rather than the root cause.

### Details

```php
public static function getIP() {
    // All of the HTTP_* values come from request headers the client controls;
    // none of them is validated before being returned.
    if (isset($_SERVER["HTTP_X_FORWARDED_FOR"]))
        $ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
    elseif (isset($_SERVER["HTTP_CLIENT_IP"]))
        $ip = $_SERVER["HTTP_CLIENT_IP"];
    elseif (isset($_SERVER["REMOTE_ADDR"]))
        $ip = $_SERVER["REMOTE_ADDR"];
    elseif (getenv("HTTP_X_FORWARDED_FOR"))
        $ip = getenv("HTTP_X_FORWARDED_FOR");
    elseif (getenv("HTTP_CLIENT_IP"))
        $ip = getenv("HTTP_CLIENT_IP");
    elseif (getenv("REMOTE_ADDR"))
        $ip = getenv("REMOTE_ADDR");
    else
        $ip = "Unknown";
    return $ip;
}
```

The earlier fix did not change getIP() itself; instead an IP check was added in /controller/controller_class.php. But getIP() is still called from one more place (this is the only one left), in protected\classes\Log.php:

```php
public static function op($manager_id, $action, $content) {
    // 'ip' is taken straight from Chips::getIP(), so the unvalidated header
    // value flows into the log_operation record.
    $logs = array(
        'manager_id' => $manager_id,
        'action'     => $action,
        'content'    => $content,
        'ip'         => Chips::getIP(),
        'url'        => Url::requestUri(),
        'time'       => date('Y-m-d H:i:s')
    );
    $model = new Model('log_operation');
    // ... (remainder truncated on the page)
```
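The root-cause fix the report calls for has two parts: return only a syntactically valid IP address from the lookup, and write the log row with a bound parameter so that even a missed validation cannot change the SQL. The following is an added illustration of that, not TinyShop's code: the class names ClientIp and OperationLog, the TRUSTED_PROXIES allow-list (a placeholder to set per deployment) and the use of PDO with an in-memory SQLite table instead of TinyShop's Model class are all assumptions.

```php
<?php
// Added illustration (not TinyShop code): a validating client-IP lookup plus a
// log writer that binds the IP as a parameter. Names are assumptions; the proxy
// allow-list is a placeholder to be filled in per deployment.

final class ClientIp
{
    /** Reverse proxies whose X-Forwarded-For header may be trusted (placeholder). */
    private const TRUSTED_PROXIES = ['127.0.0.1'];

    /**
     * Return a syntactically valid client IP, or "0.0.0.0" when none is available.
     * Header-derived values are consulted only when the direct peer is a trusted
     * proxy, and every candidate must pass FILTER_VALIDATE_IP, so the function
     * never returns free-form text from a request header.
     */
    public static function get(array $server): string
    {
        $remote = $server['REMOTE_ADDR'] ?? '';
        $remote = filter_var($remote, FILTER_VALIDATE_IP) !== false ? $remote : '0.0.0.0';

        if (!in_array($remote, self::TRUSTED_PROXIES, true)) {
            return $remote; // direct client: headers are ignored entirely
        }

        foreach (['HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP'] as $header) {
            if (empty($server[$header])) {
                continue;
            }
            // X-Forwarded-For is "client, proxy1, proxy2"; the first entry is the client.
            $candidate = trim(explode(',', $server[$header])[0]);
            if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
                return $candidate;
            }
        }
        return $remote; // header present but not a valid address: fall back to the peer
    }
}

final class OperationLog
{
    /**
     * Second layer of defence: a prepared statement keeps every field as data,
     * so the SQL text is fixed regardless of what the values contain.
     */
    public static function op(PDO $db, int $managerId, string $action, string $content, array $server): void
    {
        $stmt = $db->prepare(
            'INSERT INTO log_operation (manager_id, action, content, ip, url, time)
             VALUES (:manager_id, :action, :content, :ip, :url, :time)'
        );
        $stmt->execute([
            ':manager_id' => $managerId,
            ':action'     => $action,
            ':content'    => $content,
            ':ip'         => ClientIp::get($server),
            ':url'        => $server['REQUEST_URI'] ?? '/',
            ':time'       => date('Y-m-d H:i:s'),
        ]);
    }
}

// Constructed sample requests (not real traffic).
// Direct client sending a non-IP header value: the header is ignored.
$direct   = ['REMOTE_ADDR' => '203.0.113.9', 'HTTP_X_FORWARDED_FOR' => "abc' def"];
// Request arriving through the trusted proxy: first hop of the chain is used.
$viaProxy = ['REMOTE_ADDR' => '127.0.0.1', 'HTTP_X_FORWARDED_FOR' => '198.51.100.7, 127.0.0.1'];

var_dump(ClientIp::get($direct));
var_dump(ClientIp::get($viaProxy));

// In-memory SQLite table stands in for log_operation to show the bound insert end to end.
$db = new PDO('sqlite::memory:');
$db->exec('CREATE TABLE log_operation (manager_id INT, action TEXT, content TEXT, ip TEXT, url TEXT, time TEXT)');
OperationLog::op($db, 1, 'login', 'admin login', $direct);
var_dump($db->query('SELECT ip FROM log_operation')->fetchColumn());
```

The first call returns the peer address and discards the header, the second returns the first hop of the forwarded chain, and the stored ip column holds only what ClientIp::get() returned. Validating in getIP() itself, rather than in one controller, closes every caller at once, which is the point the report makes about Log.php.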

No Exp or PoC available
Currently 0 affected product records