api uc.php 漏洞,api uc.php 漏洞

The Type

于 2021-03-11 04:09:58 发布

阅读量166

点赞数

文章标签： api uc.php 漏洞

Re阿里提示Discuz uc.key泄露导致代码注入漏洞uc.php的解决方法

if(!API_UPDATEBADWORDS) { return API_RETURN_FORBIDDEN; } $data = array(); if(is_array($post)) { foreach($post as $k => $v) { //dz uc-key if(substr($v['findpattern'], 0, 1) != '/' || substr($v['findpattern'], -3) != '/is') { $v['findpattern'] = '/' . preg_quote($v['findpattern'], '/') . '/is'; }//end $data['findpattern'][$k] = $v['findpattern']; $data['replace'][$k] = $v['replacement']; } }

function updateapps($get, $post) { global $_G; if(!API_UPDATEAPPS) { return API_RETURN_FORBIDDEN; } //$UC_API = $post['UC_API'];//dz uc-key $UC_API = ''; if($post['UC_API']) { $UC_API = str_replace(array('\'', '"', '\\', "\0", "\n", "\r"), '', $post['UC_API']); unset($post['UC_API']); }//end $cachefile = DISCUZ_ROOT.'./uc_client/data/cache/apps.php';

修改兩處！

The Type

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
api uc.php 漏洞,api uc.php 漏洞

Re阿里提示Discuz uc.key泄露导致代码注入漏洞uc.php的解决方法if(!API_UPDATEBADWORDS) {return API_RETURN_FORBIDDEN;}$data = array();if(is_array($post)) {foreach($post as $k =...
复制链接

扫一扫