This article is a mirror article of machine translation, please click here to jump to the original article.

Architect_Programmer_Code Agriculture Network»Architect Other Technologies Safe offense and defense Alibaba hints at the workaround for Discuz uc.key leak that led to code injection vulnerability...
View: 13578|Reply: 0

[Safety Tutorial] Alibaba hinted at the workaround for Discuz uc.key leak that led to the code injection vulnerability

[Copy link]
Posted on 8/30/2016 4:28:33 PM | | |
In the past few days, I have seen many people ask discuz uc.key the solution to the uc.php of the code injection vulnerability caused by the leakage, and also read some of the solutions provided by you recently, and after comparing the files, I found that the latest version of the uc.php has fixed the problem you mentioned, but Alibaba Cloud also has relevant tips, and the following is provided with relevant modification instructions, you can try it

Start by locating this file/api/uc.php

The first modification:


The second place is modified


The third place is modified


instead of

The latest version of UC has done the above fixes, if you are the latest version of X3.2, you don't need to update, just ignore Alibaba Cloud's prompts.






Previous:WeChat public account development series of tutorials
Next:.net/c# Alibaba Cloud OCR ID Card Recognition Demo[Source Code]

Related Posts
Disclaimer:
All software, programming materials or articles published by Code Farmer Network are only for learning and research purposes; The above content shall not be used for commercial or illegal purposes, otherwise, users shall bear all consequences. The information on this site comes from the Internet, and copyright disputes have nothing to do with this site. You must completely delete the above content from your computer within 24 hours of downloading. If you like the program, please support genuine software, purchase registration, and get better genuine services. If there is any infringement, please contact us by email.
Mail To:help@itsvse.com