### 简要描述:
不多说,后台权限泄露
### 详细说明:
在可以输入的地方放了代码,果断命中。看图吧
1·
[<img src="https://images.seebug.org/upload/201210/31092214c3b8b09553d1e63d37a66aa2559211d3.jpg" alt="" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201210/31092214c3b8b09553d1e63d37a66aa2559211d3.jpg)
2·
[<img src="https://images.seebug.org/upload/201210/31092224291022aa62b04d99ca341949afc43d51.jpg" alt="" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201210/31092224291022aa62b04d99ca341949afc43d51.jpg)
3·
[<img src="https://images.seebug.org/upload/201210/3109223466001ab21a91ad095e1d1fc160e61801.jpg" alt="" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201210/3109223466001ab21a91ad095e1d1fc160e61801.jpg)
4·
[<img src="https://images.seebug.org/upload/201210/31093533c3c1b59ffce59a49384d52ec672586a1.jpg" alt="" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201210/31093533c3c1b59ffce59a49384d52ec672586a1.jpg)
5·
[<img src="https://images.seebug.org/upload/201210/31093546d7e87dca98e6a0b8a20de69a18887f01.jpg" alt="" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201210/31093546d7e87dca98e6a0b8a20de69a18887f01.jpg)
6·
[<img src="https://images.seebug.org/upload/201210/31093556e625f8e889724d7bbc19ff89242795b2.jpg" alt="" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201210/31093556e625f8e889724d7bbc19ff89242795b2.jpg)
### 漏洞证明:
[<img src="https://images.seebug.org/upload/201210/31092315cfe9d49cbb5aa49ec16ab79702a2a8ac.jpg" alt="" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201210/31092315cfe9d49cbb5aa49ec16ab79702a2a8ac.jpg)
没有上传,没有拿shell,没有帮忙审核,危害程度能看出来么?
京公网安备 11010502034610号
暂无评论