DedeCMS V5.7 SP2前台文件上传漏洞 (CVE-2018-20129)

Basic Fields

SSV ID:
SSV-97734
Find Time:
2018-12-14
Submit Time:
2018-12-21
Level:
Category:
文件上传
Component:
DedeCMS
(v5.7 sp2)
Author:
陈灿华
Submitter:
Knownsec
CVE-ID:
CVE-2018-20129
CNNVD-ID:
CNNVD-201812-688
CNVD-ID:
Add
ZoomEye Dork:
Add

Source

Login to see

Detail

Contributor Got  0KB
Login to see
have 0  exchange

PoC

Login to see

Reference Linking

Login to see

Solutions

Login to see
Popularity 10324
Need to bind phone before comment. Bind Now

All Comments (2)

  • 12ee3737f338
    这是上传了一个PHP后缀的图片一句话么?我测试用菜刀连不上这样的PHP怎么回事
    2F
  • 8615f335
    这不是后台了么
    • anonymous
      测试了, 这不是后台, 只是前台用户有了发表文章的权限后, 就可以了, 漏洞复现成功
    1F

※Any content provided by this site, only to learn the code and services, not for illegal purposes