[CVE-2022-44089]There is another Remote Code Execution after login Manage background

Here I choose the latest version downloaded from the official website,Because I found that the gitee version is not the latest version.
The official url is https://www.ecisp.cn/html/cn/download_espcms/.
![输入图片说明](https://foruda.gitee.com/images/1666256360152159022/4199ba9c_9100358.png "屏幕截图")
login in to the manage background,and use below function
![输入图片说明](https://foruda.gitee.com/images/1666256385088130346/aea073a3_9100358.png "屏幕截图")
Use burpsuite ,and then modify the requests.
There we modify the IS_GETCACHE from 1 to 1,);phpinfo();/*
![输入图片说明](https://foruda.gitee.com/images/1666256422108162104/fecd2a9d_9100358.png "屏幕截图")
Then we see the below php file was modifyed by us,and we visit it
![输入图片说明](https://foruda.gitee.com/images/1666256462237376525/b642fd7b_9100358.png "屏幕截图")
![输入图片说明](https://foruda.gitee.com/images/1666256483443571910/c7039e75_9100358.png "屏幕截图")
This vulnerability is similar to the previous one(#I5WSA0:There is a Remote Code Execution after login Manage background)

There are two other places where this vulnerability exists
![输入图片说明](https://foruda.gitee.com/images/1666257037761402319/f9a7ef8a_9100358.png "屏幕截图")
![输入图片说明](https://foruda.gitee.com/images/1666257067546319506/b25b69ae_9100358.png "屏幕截图")

轻舞飞沙/易思ESPCMS-P8企业建站管理系统

Content Risk Flag

Comments (0)

轻舞飞沙/易思ESPCMS-P8企业建站管理系统 .gitee-modal { width: 500px !important; }

Content Risk Flag