75 Star 126 Fork 65

快乐源泉 / tpcms

 / 详情

Arbitrary file upload vulnerability exists in tpcms v3.2

待办的
创建于  
2022-04-17 13:20

1,Logging into the management system of tpcms v3.2 (admin/admin888):
URL:
http://IP/admin

输入图片说明

2,"Settings" - "Site Configuration" - "Site Settings" - "More Settings" - "File Upload Format (cfg_file)", add the file of php format:
输入图片说明

3,"Content" - "Service Management" - "Fragment Data" - "Add Fragment Data":
输入图片说明

4,In the text edit box, select "Add File", select the PHP webshell and upload to the server:
输入图片说明
输入图片说明
输入图片说明

5,Access the PHP file according to the echoed path, and successfully getshell:
输入图片说明
输入图片说明

评论 (0)

xrun6 创建了任务

登录 后才可以发表评论

状态
负责人
里程碑
Pull Requests
关联的 Pull Requests 被合并后可能会关闭此 issue
分支
开始日期   -   截止日期
-
置顶选项
优先级
参与者(1)
PHP
1
https://gitee.com/happy_source/tpcms.git
git@gitee.com:happy_source/tpcms.git
happy_source
tpcms
tpcms

搜索帮助