CmsEasy最新 V5.5-UTF8 正式版多处漏洞打包

- AV AC AU C I A
发布: 2025-04-13
修订: 2025-04-13

### 简要描述: 补了20140605 ### 详细说明: 首先是个注入,这个漏洞比较无语,真正的无视过滤,没引号保护。。 漏洞位于bbs/add-archive.php: ``` <?php require_once 'bbs_public.php'; //验证用户登陆相关操作 $admin = new action_admin(); $admin->check_login(); $category = db_bbs_category::getInstance(); $category_data = $category->getAll(); $cid = isset($_GET['cid']) ? intval($_GET['cid']) : 1 ; $label = db_bbs_label::getInstance(); $lable_data = $label->getAll(); if(isset($_POST['submit'])){ if(strtolower(trim($_POST['verify'])) != strtolower($_SESSION['verify'])){ action_public::turnPage('index.php','验证码输入错误!'); } $archive = db_bbs_archive::getInstance(); unset($_POST['submit']); unset($_POST['verify']); $_POST['username'] = $_COOKIE['login_username']; $_POST['userid'] = $admin->userid; $_POST['ip'] = $_SERVER['REMOTE_ADDR']; $_POST['addtime'] = mktime(); if($id = $archive->inserData($_POST)){ //这里直接将表单中的值交给了insertData函数,我们跟进 action_public::turnPage('archive-display.php?aid='.$id,'文章添加成功'); }else{...

0%
暂无可用Exp或PoC
当前有0条受影响产品信息