에디터를 사용할 때, 설치 후 샘플페이지 및 주요취약점이 발생하는 페이지를 삭제하지 않고 사용할 경우 해당 경로를 통해 취약점이 발생합니다.
아래는 대표적으로 취약점이 발생하는 경로입니다.
CHEditor |
/editor/popup/image.html |
/cheditor/ |
|
/core/editor/ |
|
/board/cheditor/ |
|
/js/cheditor/ |
|
/cheditor4/ |
|
/ko/cheditor4/ |
|
/cheditor5/ |
|
| /cheditor/example/newpost.html | |
| /cheditor/example/modifiy.html | |
| /cheditor/example/multi.html | |
| /cheditor/imageUpload/upload.jsp | |
CKEditor | /ckeditor/ |
| /ckfinder/ | |
| /ckfinder/ckfinder.html | |
| ckeditor/upload.jsp | |
| /ckeditor/_samples/ | |
/ckeditor/samples/ | |
| /ckeditor/_samples/index.html | |
| /ckeditor/samples/index.html | |
| /skins/ckeditor/ | |
/_sys/_plugin/cke | |
Namo CrossEditor | /namo/ |
| /namo/index.html | |
| /namo/manage/index.html | |
| /crosseditor/ | |
/crosseditor/manager/ | |
| /crosseditor/index.html | |
| /crosseditor/manage/index.html | |
| /crosseditor/manage/jsp/manager_setting.jsp | |
| /crosseditor/binary/upload/devshell.jsp | |
| /crosseditor/binary/upload/cmd.jspx | |
| /resources/crosseditor/ | |
| /resources/crosseditor/index.html | |
| /resources/component/crosseditor/index.html | |
DaumEditor | /daumeditor/ |
| /_moduel/daumeditor/ | |
| /daumeditor/editor.html | |
dext5Editor | /DEXTUpload/ |
| /dext5/ | |
| /dext5upload/ | |
| /dext5upload/sample/ | |
| /com/dext5upload/ | |
| /dext5upload/sample/index.html | |
| /dext5Upload/sample/html/sample_upload.html | |
| /dext5editor/admin/jsp/login.jsp | |
| /dext5editor/admin/jsp/uploader_setting.jsp | |
| /samples/index.html | |
| /aspupload/ | |
| /aspupload/file_upload.html | |
FCKEditor | /fck/editor/ |
| /FCKeditor/ | |
| /js/fckeditor/ | |
| /feditor/editor/fckeditor.html | |
| /fckeditor/editor/filemanager/browser/default/browser.html | |
| /fckeditor/editor/filemanager/connectors/test.html | |
| /fckeditor/editor/filemanager/connectors/uploadtest.html | |
| /editor/filemanager/browser/default/browser.html | |
| /editor/editor/filemanager/browser/default/browser.html | |
| /HtmlEditor/_samples/default.html | |
SmartEditor | /js/se2/SmartEditor2.html |
| /nse/SmartEditor2.html | |
| /SmartEditor2.html | |
| /SmartEditorBasic/ | |
| /SmartEditor2/ | |
| /SmartEditorBasic/SEditorDemo.html | |
| /SEditor/popup/quick_photo/imgupload.jsp | |
| /smarteditor/photo_uploader/popup/file_uploader_html5.php | |
| /SE2/photo_uploader/popup/file_uploader_html5.php | |
| /smarteditor2/photo_uploader/popup/file_uploader_html5.php | |
| /smarteditor/popup/quick_photo/FileUploader_html5.php | |
| /plugin/smarteditor2/photo_uploader/popup/file_uploader_html5.php |
'Web' 카테고리의 다른 글
| Same site (Cookie) (0) | 2021.03.29 |
|---|---|
| marquee onstart xss & XSS 기법 (0) | 2019.05.10 |
| xp_cmdshell 활성화 쿼리 (1) | 2018.10.01 |
| MSSQL Limit 기능 구현 (0) | 2018.10.01 |
| MSSQL Injection (0) | 2018.09.20 |