### Summary:

SHOPEX 4.8.5: arbitrary file upload in the admin backend leads to a webshell. I've been sitting on this for a long time, so I'm publishing it now~

### Details:

In the SHOPEX 4.8.5 admin backend, arbitrary file upload leads to a webshell: a one-line PHP backdoor carrying a spoofed GIF89 file header is crafted locally, then uploaded so that it replaces a PHP file under plugins (the original file is backed up automatically), which yields a webshell.

### Proof of vulnerability:

[![02.jpg](https://images.seebug.org/upload/201211/21165001bdb1d95ea794c1d2521ac5d22edfeda9.jpg)](https://images.seebug.org/upload/201211/21165001bdb1d95ea794c1d2521ac5d22edfeda9.jpg)

[![03.jpg](https://images.seebug.org/upload/201211/21165010e7c144dd267043429d5e21983368b103.jpg)](https://images.seebug.org/upload/201211/21165010e7c144dd267043429d5e21983368b103.jpg)

[![04.jpg](https://images.seebug.org/upload/201211/21165036ec502d9ecb8d99e3aa4fc5673cea3edf.jpg)](https://images.seebug.org/upload/201211/21165036ec502d9ecb8d99e3aa4fc5673cea3edf.jpg)

[![05.jpg](https://images.seebug.org/upload/201211/21165054ee725eb5cd89275fb6f63c74999016e1.jpg)](https://images.seebug.org/upload/201211/21165054ee725eb5cd89275fb6f63c74999016e1.jpg)
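For responders checking an installation for the condition described above, the following sweep flags server-executed PHP files that begin with a GIF header, and GIF-headed files that carry PHP code. It is an added example, not code from the original report or from ShopEx; the directory layout, file names and file contents in `demo()` are constructed samples.

```python
import os
import tempfile

GIF_MAGIC = (b"GIF87a", b"GIF89a")
PHP_EXTS = {".php", ".php3", ".php4", ".php5", ".phtml", ".phar"}
PHP_TAGS = (b"<?php", b"<?=")  # triage heuristic, not a PHP parser

def classify(path, head_size=64 * 1024):
    """Return a finding label for one file, or None if nothing stands out."""
    with open(path, "rb") as fh:
        head = fh.read(head_size)
    has_gif_magic = head.startswith(GIF_MAGIC)
    has_php_tag = any(tag in head.lower() for tag in PHP_TAGS)
    if os.path.splitext(path)[1].lower() in PHP_EXTS and has_gif_magic:
        return "php-file-with-gif-header"   # executable file posing as an image
    if has_gif_magic and has_php_tag:
        return "gif-header-with-php-code"   # image-looking file carrying PHP
    return None

def scan(root):
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            try:
                label = classify(full)
            except OSError:
                continue  # unreadable file: skip it, do not abort the sweep
            if label:
                findings.append((os.path.relpath(full, root), label))
    return sorted(findings)

def demo():
    """Build a constructed sample tree (names and contents invented) and scan it."""
    samples = {
        ("plugins", "pay_example.php"): b"GIF89a<?php echo 'constructed sample'; ?>",
        ("plugins", "pay_clean.php"): b"<?php echo 'clean'; ?>",
        ("images", "avatar.gif"): b"GIF89a\x01\x00\x01\x00<?php echo 1; ?>",
        ("images", "logo.gif"): b"GIF89a\x01\x00\x01\x00\x80\x00\x00;",
    }
    with tempfile.TemporaryDirectory() as root:
        for (sub, name), data in samples.items():
            os.makedirs(os.path.join(root, sub), exist_ok=True)
            with open(os.path.join(root, sub, name), "wb") as fh:
                fh.write(data)
        return scan(root)

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

On a real host, call `scan()` on the web root; any `php-file-with-gif-header` hit under the plugins directory warrants comparison against the vendor's original file.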