MetInfo动态

MetInfo 3.0 (fckeditor)上传漏洞修复办法

2010-11-09 作者：metinfo

漏洞影响：如果你的后台允许上传的文件包含可执行文件格式，将被黑客利用上传危险文件至FTP。

安全威胁：低

修补办法：
手动通过FTP删除以下2个文件：
1、fckeditor/editor/filemanager/connectors/uploadtest.html
2、fckeditor/editor/filemanager/connectors/test.html

关注“米拓”服务号，你可以及时接收MetInfo的新闻动态！

CMS

关于

0731-85514433售前
0731-85514453售后

工作日 9:00-12:00 13:30-18:00
周六及部分节假日提供值班服务

{"status":1,"html":"<style type=\"text\/css\">\r\n.onlinebox_one{background-color: transparent;box-shadow: none;}\r\n.onlinebox_one .online-item{width: 68px;height: 60px;margin-bottom: 2px; padding-top: 12px; position: relative;display: block;color: #ffffff;}\r\n.onlinebox_one .online-item:nth-child(2){border-radius: 5px 5px 0px 0px;}\r\n.onlinebox_one .online-item:last-child{border-radius: 0px 0px 5px 5px;}\r\n.onlinebox_one .online-item i{font-size: 18px;}\r\n.onlinebox_one .onlinebox-open{border-radius: 5px;font-size: 22px;}\r\n.onlinebox_one .close{font-style: initial;color: #fff;opacity: 1;position: absolute; right: -5px; top: -15px;z-index:1; border-radius: 50%; width: 25px;\r\n    height: 25px;line-height:25px; display: none;font-size: 20px !important; font-family: arial; }\r\n.onlinebox .onlinebox-open {display: block; cursor: pointer; padding: 0 10px; font-size: 18px; line-height: 40px; color: #fff; }\r\n@media (min-width: 768px){\r\n.onlinebox_one .onlinebox-open{display: none;}\r\n}\r\n@media (max-width: 767px){\r\n.onlinebox_one .online-item:first-child{border-radius: 5px 5px 0px 0px;}\r\n.onlinebox_one .onlinebox_one_list{display: none;}\r\n.onlinebox_one .close{display:block;}\r\n.onlinebox_one .online-item{width: 54px;height: 50px;font-size: 12px;padding-top: 6px;}\r\n.onlinebox_one .online-item i{font-size: 14px;}\r\n}\r\n<\/style>\r\n<div id='onlinebox'  class=\"onlinebox onlinebox_one hide\" m-type='online' m-id='online'>\r\n    <div class=\"onlinebox-open text-xs-center\" id=\"onlinebox-open\" style=\"background:#ff8a00;\"> <i class=\"fa fa-comments-o\"><\/i>\r\n    <\/div>\r\n                    <div class=\"onlinebox_one_list\">\r\n        <a href=\"javascript:void(0)\" class=\"text-xs-center\">\r\n            <i class=\"close\" style=\"background:#ff8a00;\">x<\/i>\r\n        <\/a>\r\n                                        <a href=\"https:\/\/wpa1.qq.com\/zuLI4kr9?_type=wpa&qidian=true\" title=\"销售咨询\" class=\"online-item text-xs-center\" target=\"_blank\" style=\"background-color: #ff8a00;\">\r\n                <i class=\"icon fa-qq\"><\/i>\r\n                <p class=\"m-b-0\">销售咨询<\/p>\r\n            <\/a>\r\n                                            <a href=\"https:\/\/url.cn\/5wBN48B?_type=wpa&qidian=true\" title=\"销售咨询1\" class=\"online-item text-xs-center\" target=\"_blank\" style=\"background-color: #ff8a00;\">\r\n                <i class=\"icon fa-link\"><\/i>\r\n                <p class=\"m-b-0\">销售咨询1<\/p>\r\n            <\/a>\r\n                                            <a href=\"https:\/\/wpa.qq.com\/msgrd?v=3&uin=3007086840&site=qq&menu=yes\" title=\"3007086840\" class=\"online-item text-xs-center\" target=\"_blank\" style=\"background-color: #ff8a00;\">\r\n                <i class=\"icon fa-qq\"><\/i>\r\n                <p class=\"m-b-0\">售后咨询<\/p>\r\n            <\/a>\r\n                    <\/div>\r\n    <\/div>\r\n<script>\r\n$(function(){\r\n        $(\"#onlinebox-open\").click(function(){\r\n        $(\"#onlinebox\").find(\".onlinebox_one_list\").show();\r\n        $(this).hide();\r\n    });\r\n    $(\".onlinebox .close\").click(function(){\r\n      $(\"#onlinebox\").find(\".onlinebox_one_list\").hide();\r\n      $(\"#onlinebox-open\").show();\r\n    });\r\n});\r\n<\/script>","t":"4","x":"10","y":"100"}

MetInfo动态

MetInfo 3.0 (fckeditor)上传漏洞修复办法

MetInfo

功能介绍

更新日志

许可协议

下载源码

推荐

米拓商城小程序

商城系统

米拓小程序

高端定制

支持

帮助中心

客服工单

授权查询

米拓学堂

关于

了解米拓

联系我们

付款方式

资质证照

MetInfo动态

温馨提示

MetInfo 3.0 (fckeditor)上传漏洞修复办法