标题:BOOKSolved 1.2.2 (l) Remote File Disclosure Vulnerability
Discovered by bd0rk HdhCmsTest2cto测试数据
测试平台: Ubuntu-Linux
开发者: http://HdhCmsTestusolved.net/
下载 地址: http://HdhCmsTestusolved.net/scripts/booksolved_v1.2.2.zip
测试: http://HdhCmsTest2cto测试数据 /[path]/inc/gbook_setcookie.php?l=R3adIn.php
修复:过滤该页面
----------------------------------------------------------------------------
描述:
gbook_setcookie.php line 7代码缺陷只是攻击者能read in sensitive files about l-parameter.
bd0rk's-Fixtip: Percolate the l-parameter before $_GET
Greetings from Germany, the 22 years old bd0rk.
查看更多关于BOOKSolved 1.2.2远程文件泄露及修复 - 网站安全 - 自的详细内容...
声明:本文来自网络,不代表【好得很程序员自学网】立场,转载请注明出处:http://www.haodehen.cn/did11240