支付宝检测我的网站,检查出这个插件有漏洞,具体如下:
漏洞类型
Z-Blog_v151_zb_users/plugin/STACentre/include.php_信息泄露
漏洞详情
request:{"header":"GET /zb_users/plugin/STACentre/include.php HTTP/1.1
Host: www.xxxx.com
Connection: Keep-Alive
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
","body":""}
response:{"header":"HTTP/1.1 200 OK
Server: nginx
Date: Wed, 20 May 2020 11:13:51 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
"}
url:http://www.xxxx.com/zb_users/plugin/STACentre/include.php
target:"http://www.xxxx.com/"
Detail:http://www.xxxx.com/
具体我也看不懂,开发者看一下吧。