Remediation plan for the e-mobile vulnerability on the Panwei mobile platform

Remediation plan for the e-mobile vulnerability of the Panwei mobile platform
1. Validate the parameters passed to the vulnerable module and restrict what they may contain.
2. When a user submits restricted characters, redirect immediately to a custom error page; the server's default error output must not be used.
3. Filter dangerous characters out of the above parameters, and prohibit special characters and keywords (', ", +, %, &, <>, (), ;, and, select, etc.).
4. Encrypt the information stored in the database.
5. When connecting to the database and accessing data, use parameterized queries.
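
Steps 1, 2 and 5 combined in one request handler, as an added example that is not from the original post or the vendor's code. The table, column and function names are hypothetical, the data is constructed, and Python with sqlite3 stands in for the platform's own stack.

```python
import re
import sqlite3

# Assumption: user ids are short alphanumeric tokens; set an allowlist per parameter.
USER_ID_RE = re.compile(r"[A-Za-z0-9_]{1,32}")
GENERIC_ERROR = {"status": 400, "body": "Invalid request."}  # custom error page stand-in


def make_db():
    """Build a constructed in-memory table so the example runs offline."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (user_id TEXT PRIMARY KEY, display_name TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice01", "Alice"), ("bob_02", "Bob O'Brien")],
    )
    return conn


def lookup_user(conn, user_id):
    # Step 1: validate against an allowlist before the value reaches any query.
    if not isinstance(user_id, str) or not USER_ID_RE.fullmatch(user_id):
        # Step 2: fixed response, no echo of the input and no server/DB error text.
        return GENERIC_ERROR
    try:
        # Step 5: the value is bound as a parameter, never concatenated into SQL.
        row = conn.execute(
            "SELECT display_name FROM users WHERE user_id = ?", (user_id,)
        ).fetchone()
    except sqlite3.Error:
        # Database failures also map to a generic page; details belong in server logs.
        return {"status": 500, "body": "Request could not be processed."}
    if row is None:
        return {"status": 404, "body": "Not found."}
    return {"status": 200, "body": row[0]}


if __name__ == "__main__":
    db = make_db()
    for value in ["alice01", "bob_02", "alice01' OR '1'='1", "", None]:
        print(repr(value), "->", lookup_user(db, value))
```

The stored name containing an apostrophe is returned intact because the query layer binds values as parameters, while the malformed identifier is rejected before any SQL runs.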


Panwei mobile platform e-mobile vulnerability description

 

The Panwei E-Mobile mobile office system uses Apache Struts XWork as its web application framework. Because the software has a high-risk remote code execution vulnerability, attackers can use the vulnerability to execute commands remotely and obtain server permissions.

Origin blog.csdn.net/yetaodiao/article/details/130155327