hi:
I found a php code execute in /admin/web_config.php at version5.6
1.Login as admin
2. open http://192.168.10.12/admin/default.php
3.at the setting watermark input the payload
Watermark text input xxx'
Text color input ;phpinfo();//
4.submit and visit watermark setting you can see the php code execute
because the payload was write in /data/watermark.inc.php
the watermark.inc.php was inclue by require_once so php code execute
hi:

I found a php code execute in /admin/web_config.php at version5.6
1.Login as admin
2. open http://192.168.10.12/admin/default.php
3.at the setting watermark input the payload
Watermark text input xxx'

Text color input ;phpinfo();//
4.submit and visit watermark setting you can see the php code execute

because the payload was write in /data/watermark.inc.php

the watermark.inc.php was inclue by require_once so php code execute

suggest:
replace ' ,,;,(,)
version:5.6
author by xijun.liao@dbappsecurity.com.cn
I hope you can fix it
The text was updated successfully, but these errors were encountered: