Skip to content


Fckeditor<=2.4.2含上传漏洞

Version <=2.4.2 For php 在处理PHP 上传的地方并未对Media 类型进行上传文件类型的控制,导致用户上传任意文件!将以下保存为html文件,修改action地址。

Upload a new file:


还有很有漏洞详见参考

参考:
http://www.85815.com/article.asp?id=1320

Posted in 安全通告.

Tagged with .


No Responses (yet)

Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.



Some HTML is OK

or, reply to this post via trackback.