Pineapple Pavilion ZBLOGCN .COM

Z-blog official blog

Repair instructions on blind-xxe arbitrary file reading vulnerability and File Inclusion Vulnerability

 Hail. The. Judge. 1994. BluRay. X264. 2Audio. AAC. 720p. Sdhf-normteam. MKV_ 20150309_ 152909.312.jpg

Recently, we received two security reports from Wuyun, pointing out that there are major security vulnerabilities in z-blogphp. After the development team confirmed that the vulnerability does exist, the patch has been released to the update server, please update as soon as possible!!

Repair method:

  • Enter the z-blogphp background application center, enter the [system update and verification] item, and click [verify the current version of the system core file] to update the relevant files.

  • Delete ZB_ Install directory.

If users of version 1.4 can't update and verify online, please download the latest installation package from the official website and upload and cover it with FTP once.


Due to our negligence, we are very sorry for the security threat to your website. In the future, we will pay more attention to the security requirements in PHP development.

Thank you very much phith0n  And Rain The safety report provided by the two also welcome other white hats to help us to ensure safety.

Powered By Z-BlogPHP 1.7.3.3050 Alpha

ZBLOGCN. All rights reserved No. 19031813 - 6 Cloud again Provide CDN and cloud storage services