Quick message book v10.09 Vulnerability

Source: Internet
Author: User

Author: Unknown
Affected Version: quick message book v10.09
Vulnerability description:

Upload Vulnerability:
Vulnerability page: /up/add.asp
Exploitation method: append the vulnerable page's address directly after the message book's address, for example:

Cookie spoofing vulnerability:
Vulnerability page: /up/admin_main.asp; image list: /up/admin_list.asp. Once past the check, the source code of the page can be viewed directly.
The code relies on cookie verification alone. As a result, the management back end can be entered and the allowed upload type changed.
Finally, a webshell is uploaded. The vulnerable code is as follows:
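<% If Request.Cookies("picc")("picc2") <> "" Then %>

<%
' The line above is the only access check: any non-empty picc/picc2 cookie value passes.
Dim Msg
If Request.QueryString("Action") = "Save" Then SaveData
Sub SaveData()
    ' Form values are concatenated straight into the SQL statement.
    MyConn.Execute("Update Config Set OKAr = '" & Request.Form("Ftype") & "', OKsize = " & Request.Form("fsize"))
    Msg = "the file data information has been modified successfully"
End Sub
If Msg <> "" Then
    Response.Write(" " & Msg & " Click here to return")
    Response.End()
End If
%>
<% End If ' closes the cookie check; the rest of the page is not reproduced here %>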


Usage: after entering the management back end, set the upload type and then upload through the upload page. If that does not work, 1.asp;.jpg can be uploaded directly.
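A hardened counterpart of the /up/admin_main.asp handler above, as an added example that is not the message book's own code. It assumes a login page that sets a server-side `Session("IsAdmin")` flag (hypothetical name), that `OKAr` stores a `|`-separated extension list, and that `MyConn` is the page's open ADO connection.

```asp
<%
' Assumption: the login page sets Session("IsAdmin") = True after checking
' credentials. Session state is held server-side, unlike the picc cookie.
If Session("IsAdmin") <> True Then
    Response.Status = "403 Forbidden"
    Response.End
End If

Const adCmdText = 1, adParamInput = 1, adInteger = 3, adVarChar = 200, adExecuteNoRecords = 128
Const ALLOWED_EXT = "|jpg|jpeg|gif|png|bmp|"  ' assumed policy: image types only
Const MAX_SIZE = 2048                          ' assumed ceiling, in OKsize's unit

' True only if every "|"-separated entry is on the allow-list.
Function ExtListIsSafe(list)
    Dim ext
    ExtListIsSafe = (Len(list) > 0 And Len(list) <= 255)
    For Each ext In Split(LCase(list), "|")
        If InStr(ALLOWED_EXT, "|" & Trim(ext) & "|") = 0 Then ExtListIsSafe = False
    Next
End Function

Sub SaveData()
    Dim ftype, fsize, re, cmd
    ftype = Trim(Request.Form("Ftype"))
    fsize = Trim(Request.Form("fsize"))
    Set re = New RegExp
    re.Pattern = "^\d{1,6}$"   ' digits only, short enough for CLng
    If Not ExtListIsSafe(ftype) Or Not re.Test(fsize) Then
        Msg = "Rejected: upload type or size is not allowed"
        Exit Sub
    End If
    If CLng(fsize) > MAX_SIZE Then fsize = MAX_SIZE
    ' Bound parameters: form values never become part of the SQL text.
    Set cmd = Server.CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = MyConn
    cmd.CommandType = adCmdText
    cmd.CommandText = "Update Config Set OKAr = ?, OKsize = ?"
    cmd.Parameters.Append cmd.CreateParameter("ftype", adVarChar, adParamInput, 255, ftype)
    cmd.Parameters.Append cmd.CreateParameter("fsize", adInteger, adParamInput, , CLng(fsize))
    cmd.Execute , , adExecuteNoRecords
    Msg = "the file data information has been modified successfully"
End Sub
Dim Msg
If Request.QueryString("Action") = "Save" Then SaveData
If Msg <> "" Then
    Response.Write Server.HTMLEncode(Msg)
    Response.End
End If
%>
```

The upload page should also store files under a server-generated name with an allow-listed extension rather than the client-supplied name, so a name such as 1.asp;.jpg never reaches the file system.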
