EZEIP3.0多页面上传验证漏洞及修复
1.修改IE浏览器的安全设置,调制最高,然而禁止js执行。2.打开修改上传类型页面,添加aspx类型,点击保存,再打开上传页面上传
存在问题的上传类型页面:
http://www.sitedirsec.com/whir_system/module/config/upload.aspx
上传页面:
http://www.XXX.com/whir_system/module/picture/radiopictureselect.aspx
http://www.XXX.com/whir_system/module/picture/uploadpicture.aspx
http://www.2cto.com /whir_system/module/picture/pictureselect.aspx
http://www.xxxj.com/whir_system/module/picture/picturesingleselect.aspx
http://www.xxx.com/whir_system/module/video/videoupload.aspx
页:
[1]