에디터를 사용할 때, 설치 후 샘플페이지 및 주요취약점이 발생하는 페이지를 삭제하지 않고 사용할 경우 해당 경로를 통해 취약점이 발생합니다.
아래는 대표적으로 취약점이 발생하는 경로입니다.
|
CHEditor |
/editor/popup/image.html |
|
/cheditor/ |
|
|
/core/editor/ |
|
|
/board/cheditor/ |
|
|
/js/cheditor/ |
|
|
/cheditor4/ |
|
|
/ko/cheditor4/ |
|
|
/cheditor5/ |
|
|
/cheditor/example/newpost.html |
|
|
/cheditor/example/modifiy.html |
|
|
/cheditor/example/multi.html |
|
|
/cheditor/imageUpload/upload.jsp |
|
|
CKEditor |
/ckeditor/ |
|
/ckfinder/ |
|
|
/ckfinder/ckfinder.html |
|
|
ckeditor/upload.jsp |
|
|
/ckeditor/_samples/ |
|
|
/ckeditor/samples/ |
|
|
/ckeditor/_samples/index.html |
|
|
/ckeditor/samples/index.html |
|
|
/skins/ckeditor/ |
|
|
/_sys/_plugin/cke |
|
|
Namo CrossEditor |
/namo/ |
|
/namo/index.html |
|
|
/namo/manage/index.html |
|
|
/crosseditor/ |
|
|
/crosseditor/manager/ |
|
|
/crosseditor/index.html |
|
|
/crosseditor/manage/index.html |
|
|
/crosseditor/manage/jsp/manager_setting.jsp |
|
|
/crosseditor/binary/upload/devshell.jsp |
|
|
/crosseditor/binary/upload/cmd.jspx |
|
|
/resources/crosseditor/ |
|
|
/resources/crosseditor/index.html |
|
|
/resources/component/crosseditor/index.html |
|
|
DaumEditor |
/daumeditor/ |
|
/_moduel/daumeditor/ |
|
|
/daumeditor/editor.html |
|
|
dext5Editor |
/DEXTUpload/ |
|
/dext5/ |
|
|
/dext5upload/ |
|
|
/dext5upload/sample/ |
|
|
/com/dext5upload/ |
|
|
/dext5upload/sample/index.html |
|
|
/dext5Upload/sample/html/sample_upload.html |
|
|
/dext5editor/admin/jsp/login.jsp |
|
|
/dext5editor/admin/jsp/uploader_setting.jsp |
|
|
/samples/index.html |
|
|
/aspupload/ |
|
|
/aspupload/file_upload.html |
|
|
FCKEditor |
/fck/editor/ |
|
/FCKeditor/ |
|
|
/js/fckeditor/ |
|
|
/feditor/editor/fckeditor.html |
|
|
/fckeditor/editor/filemanager/browser/default/browser.html |
|
|
/fckeditor/editor/filemanager/connectors/test.html |
|
|
/fckeditor/editor/filemanager/connectors/uploadtest.html |
|
|
/editor/filemanager/browser/default/browser.html |
|
|
/editor/editor/filemanager/browser/default/browser.html |
|
|
/HtmlEditor/_samples/default.html |
|
|
SmartEditor |
/js/se2/SmartEditor2.html |
|
/nse/SmartEditor2.html |
|
|
/SmartEditor2.html |
|
|
/SmartEditorBasic/ |
|
|
/SmartEditor2/ |
|
|
/SmartEditorBasic/SEditorDemo.html |
|
|
/SEditor/popup/quick_photo/imgupload.jsp |
|
|
/smarteditor/photo_uploader/popup/file_uploader_html5.php |
|
|
/SE2/photo_uploader/popup/file_uploader_html5.php |
|
|
/smarteditor2/photo_uploader/popup/file_uploader_html5.php |
|
|
/smarteditor/popup/quick_photo/FileUploader_html5.php |
|
|
/plugin/smarteditor2/photo_uploader/popup/file_uploader_html5.php |
출처: https://taesun1114.tistory.com/entry/주요-Editor-샘플페이지-및-취약점-발생경로
'Hacking > Etc' 카테고리의 다른 글
| Fiddler 아이콘 정리 (0) | 2022.04.14 |
|---|
댓글