dedecms安全漏洞之/include/common.inc.php漏洞解決辦法

發表時間:2019-06-04 16:17????責任編輯:莫都晨曉????瀏覽:
在 /include/common.inc.php 中

查找:foreach(Array('_GET','_POST','_COOKIE') as $_request)

將如下代碼
foreach(Array('_GET','_POST','_COOKIE') as $_request)
{
         foreach($$_request as $_k => $_v) ${$_k} = _RunMagicQuotes($_v);
}

改為:
    foreach(Array('_GET','_POST','_COOKIE') as $_request)
    {
         foreach($$_request as $_k => $_v) {
                    if( strlen($_k)>0 && eregi('^(cfg_|GLOBALS)',$_k) ){
                            exit('Request var not allow!');
                   }
                    ${$_k} = _RunMagicQuotes($_v);
    }


問題解決
15063366547
286601999
微信咨詢
西部大开发赚钱不用愁