Fengxun website management system arbitrary password Modification Vulnerability FoosunCMS is a powerful function-based content management software based on ASP + ACCESSMSSQL architecture. Vulnerability Analysis: In the file \ User \ GetPassword. asp: ElseIfRequest. Form (Action) step3then 28th rows Callstep3 () Substep3 () 198th rows Dimp
Fengxun website management system arbitrary password Modification Vulnerability
FooSuNCMS is a powerful Content Management Software Based on ASP + ACCESS/MSSQL architecture.
Vulnerability Analysis:
In file \ User \ GetPassword. asp:
ELsEIf Request. FoRm("Action") = "step3" then // Call step 3 ()...... Sub step3 () // 198th rows Dim p_pass_new, p_confim_pass_new p_pass_new = md5 (Request. Form ("pass_new"), 16 )...... User_Conn.ExECutE ("UpDateFS_ME_UsersSetUserPassword = '"& NoSqlHack (p_pass_new) &" 'where UserName =' "& NoSqlHack (STrUserName) & "'and Email ='" & NoSqlHack (Replace (Request. form ("Email"), "'' "," ") &" '") // 220th rows
You can create a form locally so that the program can directly change the password, only the user name and email address are required.
Vulnerability exploitation: