上传漏洞
& Y: m7 Z% a2 Z0 T$ q
5 x4 U' }8 }( J4 P) CURL: /admin/image_admin3.php?boardid=&iname=&iform=+ T- \" [7 A5 ?7 o6 ?; x+ N2 `5 X
5 r3 g1 H3 ?' I- r/admin/image_admin2.php?boardid=&iname=&iform=" i7 d7 ^. ~% Z& Z4 S1 c
* Y, X, N% G g- w! @+ V
上传后路径:
( Q% D4 @. Z, N/ q( X, a( T
4 P4 K" V% X& M1 J9 T0 t/ X6 S/bis_web_page/images/t.php.en
' Y( ?+ d. a' P+ B) D- J$ q$ B, y ! q7 l& V8 O J
编辑器:
) @. j. v4 Z3 k6 s; S 9 V4 E+ \- ~, l; J- M
/admin/editor/SWE.php
2 o- }) ]% K/ q4 R* C" B4 z
* z8 V. f5 `# l/program/editor/SWE.php
. ]# r5 `% d4 `5 l/ V
4 w4 ~3 E/ m9 I# z% n* k数据配置文件路径:8 |, |9 u d. A& p0 K8 m
3 x% e9 j7 c" Z3 m5 j& _: P/m_config/DATA/g_setting.php
~3 b, e3 H I& O f$ J# M 2 Q/ _& L9 P: B7 x" E
此程序通用后台账号 :8 N* f' h$ ]& @4 v, k6 [
2 c1 }( E- I7 _! n. u2 ~) N) b z2 B账号:gamsiw 密码php99 |