Article directory
Vulnerability description
There is a command debugging page in debug.php of the Blue Ocean Excellence Billing Management System, which allows attackers to execute commands remotely
Vulnerability impact
Blue Ocean Excellence Billing Management System
Vulnerability recurrence
The login page is as follows
Visit the /debug.php page to check whether the debug page is enabled, and this vulnerability exists if it is enabled.
To verify the vulnerability, enter the shell command "whoami"
Solution
Please pay attention to the manufacturer's vulnerability patches and solutions