### 简要描述: Jeecms是基于java技术研发的站群管理系统,稳定、安全、高效、跨平台、无限扩展是jeecms 的优点,系统支持mysql、oracle、sqlserver、db2等主流数据库。 搜索引擎的都被我爬了,一网打尽,所以不要在提交了,嘿嘿。。。 ### 详细说明: 很可惜,存在远程命令执行漏洞,Struts2... [<img src="https://images.seebug.org/upload/201307/311526317bdb0b22934c9fb21622d923a07cdbbd.png" alt="jeecms.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201307/311526317bdb0b22934c9fb21622d923a07cdbbd.png) [<img src="https://images.seebug.org/upload/201307/311526470ff9253d2170a7bc0b4bfd0b20b6604f.png" alt="jeecms2.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201307/311526470ff9253d2170a7bc0b4bfd0b20b6604f.png) ### 漏洞证明: ``` http://www.whrsks.gov.cn/jeecms/RegisterInput.jspx => whrsks_b_001\admin_tomcat http://www.jnh.gov.cn/jncms/RegisterInput.jspx => NULL http://www.gykj.gov.cn/jeecms/RegisterInput.jspx => nt authority\system http://www.beidaihe.gov.cn/bdhjtlg/ysusoft/RegisterInput.jspx => root...
### 简要描述: Jeecms是基于java技术研发的站群管理系统,稳定、安全、高效、跨平台、无限扩展是jeecms 的优点,系统支持mysql、oracle、sqlserver、db2等主流数据库。 搜索引擎的都被我爬了,一网打尽,所以不要在提交了,嘿嘿。。。 ### 详细说明: 很可惜,存在远程命令执行漏洞,Struts2... [<img src="https://images.seebug.org/upload/201307/311526317bdb0b22934c9fb21622d923a07cdbbd.png" alt="jeecms.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201307/311526317bdb0b22934c9fb21622d923a07cdbbd.png) [<img src="https://images.seebug.org/upload/201307/311526470ff9253d2170a7bc0b4bfd0b20b6604f.png" alt="jeecms2.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201307/311526470ff9253d2170a7bc0b4bfd0b20b6604f.png) ### 漏洞证明: ``` http://www.whrsks.gov.cn/jeecms/RegisterInput.jspx => whrsks_b_001\admin_tomcat http://www.jnh.gov.cn/jncms/RegisterInput.jspx => NULL http://www.gykj.gov.cn/jeecms/RegisterInput.jspx => nt authority\system http://www.beidaihe.gov.cn/bdhjtlg/ysusoft/RegisterInput.jspx => root http://www.hzjg.gov.cn/jeecms/RegisterInput.jspx => zavm04\administrator http://www.ssjsw.gov.cn/jeecms/RegisterInput.jspx => yy-b4e10e848b59\vhost http://www.ccms.gov.cn/jeecms/RegisterInput.jspx => NULL http://www.houjie.gov.cn/jeecms/RegisterInput.jspx => NULL http://www.beicai.gov.cn/ebware/RegisterInput.jspx => webserver\administrator http://www.zbboftec.gov.cn:7080/jmj/jeecms/RegisterInput.jspx => root http://www.cie.gov.cn/estcms/RegisterInput.jspx => mohrss-coea\root http://www.cie.gov.cn/cie/estcms/RegisterInput.jspx => mohrss-coea\root http://www.sdchem.gov.cn/jeecms/RegisterInput.jspx => nt authority\system http://www.szwzgs.gov.cn/JeecmsH/jeecms/RegisterInput.jspx => nt authority\system http://www.szwzgs.gov.cn/JeecmsH/jeecms/RegisterInput.jspx => nt authority\system http://www.txajj.gov.cn:8895/jeecms/RegisterInput.jspx => yy-b4e10e848b59\vhost http://www.hrspaq.gov.cn/hrsp/jeecms/RegisterInput.jspx => nt authority\system http://www.sygtzy.gov.cn/jeecms/RegisterInput.jspx => wzq\administrator http://www.hhyq.gov.cn/hhyq/jeecms/RegisterInput.jspx => nt authority\system http://www.ttrc.gov.cn/jeecms/RegisterInput.jspx => nt authority\system http://szwh.bjft.gov.cn/sandint/RegisterInput.jspx => root http://zhibo.yushu.gov.cn:8080/yscms/jeecms/RegisterInput.jspx => NULL http://gov.zjly.gov.cn:8080/jeecms/RegisterInput.jspx => root http://smeljd.jingan.gov.cn:8081/jeecms/jeecms/RegisterInput.jspx => NULL http://szwh.bjft.gov.cn/sandint/RegisterInput.jspx => root http://zhibo.yushu.gov.cn:8080/yscms/jeecms/RegisterInput.jspx => NULL http://gov.zjly.gov.cn:8080/jeecms/RegisterInput.jspx => root http://smeljd.jingan.gov.cn:8081/jeecms/jeecms/RegisterInput.jspx => NULL http://www.yksrkjsj.gov.cn/jeecms/RegisterInput.jspx => nt authority\system ```
