{"id":445,"date":"2022-11-02T11:50:25","date_gmt":"2022-11-02T03:50:25","guid":{"rendered":"http:\/\/119.45.47.125\/?p=445"},"modified":"2023-05-10T14:20:50","modified_gmt":"2023-05-10T06:20:50","slug":"yunjing-2","status":"publish","type":"post","link":"http:\/\/119.45.47.125\/index.php\/2022\/11\/02\/yunjing-2\/","title":{"rendered":"\u6625\u79cb\u4e91\u5883\uff08\u4e8c\uff09"},"content":{"rendered":"

1.CVE-2022-28060 && CVE-2022-26201<\/h3>\n
\n
\n Victor CMS v1.0 \/includes\/login.php \u5b58\u5728sql\u6ce8\u5165
\n Victor CMS v1.0 \u5b58\u5728\u4e8c\u6b21\u6ce8\u5165\u6f0f\u6d1e\n<\/blockquote>\n

\u53c8\u662f\u4e00\u4e2a 6 \u5e74\u524d\u5c31\u505c\u6b62\u66f4\u65b0\u7684 CMS\uff0c\u8fd9\u4e2a\u73af\u5883\u662f\u4e0d\u662f\u6ca1\u5f04\u597d\uff0c\u597d\u591a\u88ab\u9609\u5272\u7684\u5730\u65b9\ud83e\udd14<\/p>\n

(1)search.php<\/h4>\n
<?php\n...\nif (isset($_POST['submit'])) {\n    $search = $_POST[\"search\"];\n    $query = \"SELECT * FROM posts WHERE post_tags LIKE '%$search%' AND post_status='publish'\";\n    $search_query = mysqli_query($con, $query);\n    if (!$search_query) {\n        die(\"Query Fail\" . mysqli_error($con));\n    }\n    $count = mysqli_num_rows($search_query);\n...\n?>\n<\/code><\/pre>\n
search<\/code>\u53ef\u4ee5\u76f4\u63a5\u6ce8\uff0c\u4f46\u662f\u73af\u5883\u91cc\u9609\u5272\u4e86\uff0csearch.php<\/code>\u663e\u793a404<\/p>\n
(2)post.php<\/h4>\n
\u540c\u6837\u88ab\u9609\u5272\u7684\u8fd8\u6709\u8fd9\u4e2a\uff0cpost<\/code><\/p>\n
<?php\n...\nif (isset($_GET['post'])) {\n    $post = $_GET['post'];\n}\n$query = \"SELECT * FROM posts WHERE post_id=$post\";\n$run_query = mysqli_query($con, $query);\n...\n?>\n<\/code><\/pre>\n
(3)category.php<\/h4>\n
\u9609\u5272 +1\uff0ccat_id<\/code><\/p>\n
<?php\n...\nif (isset($_GET['cat_id'])) {\n    $category = $_GET['cat_id'];\n}\nmysqli_real_escape_string($con,$category);\n$query = \"SELECT * FROM posts WHERE post_category_id=$category\";\n$run_query = mysqli_query($con, $query);\n$count = mysqli_num_rows($run_query);\n...\n?>\n<\/code><\/pre>\n
(4)includes\/login.php<\/h4>\n
user_name<\/code>\u6709\u95ee\u9898\uff0c\u53ef\u4ee5\u5ef6\u65f6<\/p>\n
<?php\n...\nif (isset($_POST['login'])) {\n    $user_name = $_POST['user_name'];\n    $user_password = $_POST['user_password'];\n    mysqli_real_escape_string($con, $user_name);\n    mysqli_real_escape_string($con, $user_password);\n\n    $login_query = \"SELECT * FROM users WHERE user_name='{$user_name}' OR user_email='{$user_name}'\";\n    $login_run_query = mysqli_query($con, $login_query);\n    if (!$con) {\n        die('Error connecting to database');\n    }\n...\n?>\n\n<\/code><\/pre>\n
\"\"<\/div>\n
\u76f4\u63a5 sqlmap \u8bfb\u5427\uff0c\u8fd9\u73af\u5883\u6162\u7684\u8981\u6b7b\uff0c--file-read "\/flag"<\/code><\/p>\n
(5)admin\/includes\/admin_add_user.php && admin\/profile.php<\/h4>\n
\u4e24\u5904\u7684\u4e0a\u4f20\u903b\u8f91\u90fd\u4e00\u6837\uff0c\u6709\u624b\u5c31\u884c<\/p>\n
<?php\n...\n$user_image_temp = $_FILES['user_image']['tmp_name'];\n...\nmove_uploaded_file($user_image_temp, \"..\/img\/$user_image\");\n?>\n<\/code><\/pre>\n
\"\"<\/div>\n
(6)admin\/includes\/admin_edit_comment.php && edit_post.php<\/h4>\n
\u4ee3\u7801\u683c\u5f0f\u90fd\u662f\u4e00\u6837\u7684\uff0cid<\/code>\u7684\u95ee\u9898<\/p>\n
<?php\n...\nif (isset($_GET['c_id'])) {\n    $id = $_GET['c_id'];\n} else {\n    echo \"Wrong ID\";\n}\n\/\/<<<<<<<<<<<<<<<<<<<<----START QUERY---<<<<<<<<<<<<<<<<<<<<<<<\n\/\/---------QUERY TO CALL ALL THE DATAS IN POSTS TABLE----\n$edit_query = \"SELECT * FROM comments WHERE comment_id=$id\";\n...\n?>\n<\/code><\/pre>\n
\u540e\u9762\u4e0d\u770b\u4e86\uff0c\u8fd8\u6709 XSS\uff0c\u6ca1\u610f\u601d\uff0c\u6d6a\u8d39\u65f6\u95f4\u7f62\u4e86<\/p>\n
\n
2.CVE-2022-25411<\/h3>\n
\n
\n  MaxSite CMS\u662f\u4fc4\u56fdMaxSite CMS\u5f00\u6e90\u9879\u76ee\u7684\u4e00\u6b3e\u7f51\u7ad9\u5185\u5bb9\u7ba1\u7406\u7cfb\u7edf\u3002\u9a6c\u514b\u65af\u7a0b\u5e8f(MaxCMS)\u4ee5\u5f00\u6e90\u3001\u514d\u8d39\u3001\u529f\u80fd\u5f3a\u5927\u3001\u5b89\u5168\u5065\u58ee\u3001\u6027\u80fd\u5353\u8d8a\u3001\u8d85\u7ea7\u6613\u7528\u3001\u6a21\u677f\u4f17\u591a\u3001\u63d2\u4ef6\u9f50\u5168\u7b49\u4f18\u52bf\uff0c\u53d7\u5230\u4f17\u591a\u4f01\u4e1a\u548c\u7ad9\u957f\u7684\u559c\u7231\u3002\u9a6c\u514b\u65af\u7a0b\u5e8f\u7814\u53d1\u56e2\u961f\u62e5\u6709\u591a\u5e74\u7684\u6280\u672f\u79ef\u7d2f\u548c\u4ea7\u54c1\u5f00\u53d1\u7ecf\u9a8c\uff0c\u6210\u7acb\u4e86\u5b98\u65b9\u6280\u672f\u652f\u6301\u56e2\u961f\u3001\u5b98\u65b9\u6a21\u677f\u56e2\u961f\u3001\u5b98\u65b9\u63d2\u4ef6\u56e2\u961f\u3002\u4e00\u5207\u7acb\u8db3\u4e8e\u7ad9\u957f\u5229\u76ca\u3001\u5b5c\u5b5c\u4e0d\u5026\u7684\u6316\u6398\u7ad9\u957f\u9700\u6c42\u3001\u4e0d\u65ad\u63d0\u5347\u4ea7\u54c1\u4f53\u9a8c\uff0c\u81ea\u4e3b\u521b\u65b0\u591a\u9879\u7279\u8272\u6280\u672f\u3001\u63d0\u5347\u7f51\u7ad9\u54c1\u8d28!\u72ec\u7acb\u5f00\u53d1\u7684\u7ba1\u7406\u5458\u7ba1\u7406\u7cfb\u7edf\uff0c\u53ef\u4ee5\u5bf9\u7ba1\u7406\u5458\u8fdb\u884c\u66f4\u80fd\u4eba\u6027\u5316\u7684\u7ba1\u7406\u7f51\u7ad9\u3002 Maxsite CMS\u5b58\u5728\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u7cbe\u5fc3\u5236\u4f5c\u7684PHP\u6587\u4ef6\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u8d26\u6237\u4e3a\u5f31\u53e3\u4ee4\n<\/blockquote>\n
\u73af\u5883\u542f\u52a8\u6162\u7684\u8ba9\u6211\u4e00\u5ea6\u4ee5\u4e3a\u8fd9\u9898\u6302\u6389\u4e86<\/p>\n
\u540e\u53f0\u5730\u5740\u5728\/admin\/index.asp<\/code>\uff0c\u5f31\u53e3\u4ee4admin\/admin888<\/code>\u767b\u9646\uff1b\u5728admin\/option<\/code>\u4e0b\uff0c\u53ef\u4ee5\u4fee\u6539\u4e0a\u4f20\u6587\u4ef6\u7684\u7c7b\u578b<\/p>\n
\"\"<\/div>\n
\u7136\u540e\u76f4\u63a5\u4f20\u5c31\u884c\u4e86<\/p>\n
\"\"<\/div>\n
\u5176\u5b9e\u5728\u4ed6\u7684 issues<\/a> \u91cc\u662f\u5148\u5220\u9664\u6389\/uploads\/.htaccess<\/code>\u7136\u540e\u518d\u4e0a\u4f20\uff0c\u6211\u4e5f\u770b\u4e86\u4e0b\u786e\u5b9e\u5e94\u8be5\u5220\u6389\uff0c\u8981\u4e0d\u7136\u7684\u8bdd\u5e94\u8be5\u662f\u4e0d\u89e3\u6790.php<\/code><\/p>\n
RemoveHandler .php .phtml .php3 .php4 .php5\nAddType application\/x-httpd-php-source .php .phtml .php3 .php4 .php5\n<\/code><\/pre>\n
\u6240\u4ee5\u6ca1\u592a\u641e\u660e\u767d\u8fd9\u4e3a\u5565\u76f4\u63a5\u5c31\u53ef\u4ee5\u89e3\u6790\u4e86\uff1f\uff1f\uff1f<\/p>\n
\n
3.CVE-2022-25578<\/h3>\n
\n
\n  taocms v3.0.2\u5141\u8bb8\u653b\u51fb\u8005\u901a\u8fc7\u7f16\u8f91.htaccess\u6587\u4ef6\u6267\u884c\u4efb\u610f\u4ee3\u7801\n<\/blockquote>\n
(1)\u540e\u53f0<\/h4>\n
\u9996\u5148\uff0c\u6709\u70b9\u9e21\u808b\u4e86\uff0c\u6bd5\u7adf\u8981\u8fdb\u5230\u540e\u53f0\uff1b\u5176\u6b21\uff0c\u6362\u4e2a\u89d2\u5ea6\u8bb2\uff0c\u5728\u6587\u4ef6\u7ba1\u7406\u5904\uff0c\u4fee\u6539\u4efb\u4f55\u4e00\u4e2a .php \u6587\u4ef6\u90fd\u53ef\u4ee5\u6267\u884c\u4ee3\u7801\uff0c\u548c\u6781\u81f4CMS\u90a3\u4e2a\u6709\u70b9\u50cf<\/p>\n
\"\"<\/div>\n
\u5728include\/Model\/File.php<\/code>\u4e0b\u5e76\u6ca1\u6709\u5bf9\u5199\u5165\u7684filedata<\/code>\u8fdb\u884c\u68c0\u67e5<\/p>\n
<?php\n...\nfunction edit(){\n    $path=$this->path;\n    $filedata=file_get_contents($this->realpath);\n    include($this->tpl->myTpl('edit'.$this->table));\n}\n...\nfunction save(){\n    $path=$this->path;\n    if(!is_writable($this->realpath))Base::showmessage('\u65e0\u4fdd\u5b58\u6743\u9650');\n    $filedata=get_magic_quotes_gpc()?Base::magic2word($_POST['filedata']):$_POST['filedata'];\n    $status=file_put_contents($this->realpath,$filedata);\n    if($status){\n        Base::showmessage('\u4fdd\u5b58\u6210\u529f','admin.php?action=file&ctrl=lists');\n    }\n}\n<\/code><\/pre>\n
\u7136\u540e\u5c31\u662f\uff0c"\u5f53\u524d\u4f4d\u7f6e"\u8fd9\u4e2a\u5730\u65b9\u53ef\u4ee5\u8fdb\u5230\u4efb\u610f\u76ee\u5f55\uff1f\u90a3\u8fd8\u6539 .htaccess \u5e72\u5565\u5440\uff0c\u76f4\u63a5\u56de\u6eaf\u8fdb\u53bb\u6587\u4ef6\u7f16\u8f91\u4e0b\u8f7d\u5f97\u4e86<\/p>\n
\"\"<\/div>\n
(2)SQL\u6ce8\u5165<\/h4>\n
\u5148\u770bMysql.php<\/code>\uff0c\u91cc\u9762\u90fd\u662f\u6d89\u53ca\u5230\u6570\u636e\u5e93\u64cd\u4f5c\u7684\u51fd\u6570\uff0c\u90e8\u5206\u51fd\u6570\u5957\u4e0a\u4e86safeword()<\/code>\uff0c\u8fd9\u4e2a\u51fd\u6570\u5728Base.php<\/code>\u91cc<\/p>\n
#Base.php\n<?php\n...\nstatic function safeword($text,$level=8){\n    if(is_array($text)){\n        foreach( $text as $key=>$value){\n            $safeword[$key]=self::safeword($value);\n        }\n    }\n    else{\n        switch ($level){\n            case 0:\n                $safeword=$text;\n                break;\n            case 1:\n                $safeword=intval($text);\n                break;\n            case 3:\n                $safeword=strip_tags($text);\n                break;\n            case 5:\n                $safeword=nl2br(htmlspecialchars($text));\n                break;\n            case 6:\n                $safeword=str_replace(\"'\",\"\",addslashes($text));\n                $safeword=str_replace(\"select\",\"\",$safeword);\n                $safeword=str_replace(\"union\",\"\",$safeword);\n                $safeword=str_replace(\"=\",\"\",$safeword);\n                break;\n            default:\n                if(ucfirst(DB)=='Sqlite'){\n                    $safeword=str_replace(\"'\",\"''\",$text);\n                }\n                else{\n                    $safeword=Base::_addslashs($text);\n                }\n                break;\n            }\n        }\n        return $safeword;\n    }\n...\n?>\n\n<\/code><\/pre>\n
\u6839\u636elevel<\/code>\u7684\u503c\u6765\u5224\u65ad\u8fdb\u884c\u600e\u6837\u7684\u5904\u7406\uff0c\u5982\u679c\u6ca1\u6709\u6307\u5b9a\uff0c\u5c31\u6309\u6570\u636e\u5e93\u7c7b\u578b\uff0c\u9898\u91cc\u7684\u73af\u5883\u5e94\u8be5\u662fMysql<\/code>\uff0c\u6240\u4ee5\u8c03\u7528addslashs()<\/code>\u8f6c\u4e49<\/p>\n
\u90a3\u4e48\u627e\u95ee\u9898\u51fd\u6570\u5c31\u5148\u627e\u6ca1\u6709\u8c03\u7528safeword()<\/code>\u7684<\/p>\n
<?php\n\nfunction delist($table,$idArray,$wheres=\"\"){\n        if($wheres==''){\n            $ids=implode(',',$idArray);\n            $query = $this->query(\"DELETE FROM \".$table.\" WHERE id in(\".$ids.\")\");\n        }else{\n            $query = $this->query(\"DELETE FROM \".$table.\" WHERE \".$wheres);\n        }\n        return $query;\n    }\n\n?>\n<\/code><\/pre>\n
\u5168\u6587\u4ef6\u641c\u7d22\u8c03\u7528delist()<\/code>\u7684\u5730\u65b9\uff0c\u5728Cms.php<\/code>\u91cc\u6709<\/p>\n
<?php\nfunction del($wheres=''){\n        $status=$this->db->delist(TB.$this->table,$this->id,$wheres);\n        $this->createtag($this->id);\n        $this->countcache();\n        if(MEMCACHE)\n        foreach((array)$this->id as $id){\n            $this->mem->delete($id.'_cms');\n        }\n        Base::execmsg(\"\u5220\u9664\",\"?action=\".$this->table.'&ctrl=lists',$status);\n    }\n?>\n<\/code><\/pre>\n
\u5220\u9664\u6587\u7ae0\u7684\u65f6\u5019\u76f4\u63a5\u6293\u5305\u5ef6\u65f6 3s<\/p>\n
\"\"<\/div>\n
Category.php<\/code>\u540c\u7406<\/p>\n
\"\"<\/div>\n
\u540c\u6837\u6ca1\u88ab\u5904\u7406\u7684\u8fd8\u6709getlist()<\/code><\/p>\n
<?php\n\nfunction getlist($table,$wheres = \"1=1\", $colums = '*',$limits = '20',$orderbys=\"id DESC\"){\n        $query = $this->query(\"select \".$colums.\" from \".$table.\" where \".$wheres.\" ORDER BY  \".$orderbys.\"  limit \".$limits);\n        while($rs = $this->fetch_array($query)){\n            $datas[]=Base::magic2word($rs);\n        }\n        return $datas ;\n    }\n?>\n<\/code><\/pre>\n
\u8fd9\u4e2a\u8c03\u7528\u7684\u5730\u65b9\u4e5f\u4e0d\u5c11\uff0c\u5c31\u4e3e\u4e00\u4e2a\u4f8b\u5b50\uff0c\u5728Admin.php<\/code>\u91cc\u7684edit()<\/code><\/p>\n
<?php\nfunction edit(){\n        \/\/\u7ba1\u7406\u5458\u53c2\u6570\u7f13\u5b58\n        include(SYS_ROOT.CACHE.\"admin_array.inc\");\n        $getArray=$this->db->getlist(TB.$this->table,'id='.$this->id[0]);\n        $category=$this->db->getlist(TB.'category');\n        $o=$getArray[0];\n        $authlist=array();\n        $authlist=explode('|',$o['auth']);\n        $o['auth_level']=$authlist[0];\n        $o['auth_cat']=intval($authlist[1]);\n        $goctrl='update';\n        include($this->tpl->myTpl('edit'.$this->table));\n    }\n?>\n<\/code><\/pre>\n
\u76f4\u63a5\u6293\u5305\u5ef6\u65f6<\/p>\n
\"\"<\/div>\n
\n
4.CVE-2022-25488<\/h3>\n
\n
\n  Atom CMS v2.0\u5b58\u5728sql\u6ce8\u5165\u6f0f\u6d1e\u5728\/admin\/ajax\/avatar.php\u9875\u9762\n<\/blockquote>\n
8 \u5e74\u524d\u505c\u66f4\u7684 CMS<\/a><\/p>\n
(1)admin\/login.php<\/h4>\n
\u6807\u51c6\u7684\u5b57\u7b26\u578b\u6ce8\u5165<\/p>\n
<?php\nif(!empty($_POST)&&$_SERVER[\"REQUEST_METHOD\"]==\"POST\") {\n    $q = \"SELECT * FROM users WHERE email = '$_POST[email]' AND password = SHA1('$_POST[password]')\";\n    $r = mysqli_query($dbc, $q);\n    if(mysqli_num_rows($r) == 1) {\n        $_SESSION['username'] = $_POST['email'];\n        header('Location: index.php');\n    }\n}\n?>\n<\/code><\/pre>\n
\u4f46\u662f\u5f97\u5230 burp \u4e0b\u9762\u6d4b\u8bd5\uff0c\u9875\u9762\u4e0a\u90ae\u7bb1\u5904\u6709\u68c0\u6d4b\uff0csqlmap \u53ef\u4ee5\u76f4\u63a5\u8dd1\u7684<\/p>\n
(2)admin\/uploads.php<\/h4>\n
<?php\ninclude('..\/config\/connection.php');\n$ds = DIRECTORY_SEPARATOR;\n$id = $_GET['id'];\n$storeFolder = '..\/uploads';\n$ext = pathinfo($_FILES['file']['name'], PATHINFO_EXTENSION);\n$newname = time();\n$random = rand(100,999);\n$name = $newname.$random.'.'.$ext;\n$q = \"SELECT avatar FROM users WHERE id = $id\";\n$r = mysqli_query($dbc, $q);\n$old = mysqli_fetch_assoc($r);\n$q = \"UPDATE users SET avatar = '$name' WHERE id = $id\";\n$r = mysqli_query($dbc, $q);\necho $q.'<br>';\necho mysqli_error($dbc);\nif (!empty($_FILES)) {\n    $tempFile = $_FILES['file']['tmp_name'];\n    $targetPath = dirname( __FILE__ ) . $ds. $storeFolder . $ds;\n    $targetFile =  $targetPath. $name;\n    move_uploaded_file($tempFile,$targetFile);\n    $deleteFile = $targetPath.$old['avatar'];\n    if($old['avatar'] != '') {\n        if(!is_dir($deleteFile)) {\n            unlink($deleteFile);\n        }\n\n    }\n}\n?>\n<\/code><\/pre>\n
\u5148\u662fid<\/code>\u6570\u5b57\u578b\u6ce8\u5165\uff0c\u76f4\u63a5\u62a5\u9519\u5c31\u884c\u4e86<\/p>\n
\"\"<\/div>\n
\u7136\u540e\u540e\u9762\u8fd8\u6709\u4e2a\u6587\u4ef6\u4e0a\u4f20\uff0c\u5199\u4e00\u4e2aupload.html<\/code>\uff0c\u5c31\u5728\/uploads<\/code>\u4e0b<\/p>\n
(3)admin\/ajax\/avatar.php<\/h4>\n
\u548c\u4e0a\u9762\u7684\u5904\u7406\u4e00\u6837<\/p>\n
<?php\n$id = $_GET['id'];\n$q = \"SELECT avatar FROM users WHERE id = $id\";\n$r = mysqli_query($dbc, $q);\n$data = mysqli_fetch_assoc($r);\n?>\n<\/code><\/pre>\n
flag \u6700\u540e\u5728\u6839\u76ee\u5f55<\/p>\n
\"\"<\/div>\n
\n
5.CVE-2022-25401<\/h3>\n
\n
\n  Cuppa CMS v1.0 administrator\/templates\/default\/html\/windows\/right.php\u6587\u4ef6\u5b58\u5728\u4efb\u610f\u6587\u4ef6\u8bfb\u53d6\u6f0f\u6d1e\n<\/blockquote>\n
\u76f4\u63a5\u770b\u6f0f\u6d1e\u70b9\/templates\/default\/html\/windows\/right.php<\/code><\/p>\n
<?php\n...\n\n<div class=\"w_right\">\n    <?php \n        include realpath(__DIR__ . '\/..\/..\/..\/..').\"\/\".$_POST[\"url\"];\n    ?>\n<\/div>\n\n?>\n<\/code><\/pre>\n
\u6240\u4ee5\u76f4\u63a5 POST \u4f20\u53c2\u5c31\u597d\u4e86\uff0cview-source<\/code>\u5373\u53ef<\/p>\n
\"\"<\/div>","protected":false},"excerpt":{"rendered":"1.CVE-2022-28060 && CVE-2022-26201 Victor CMS v […]","protected":false},"author":1,"featured_media":404,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[26,29],"tags":[31],"class_list":["post-445","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-study","category-yunjing","tag-31"],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/119.45.47.125\/wp-content\/uploads\/2022\/10\/1-11.png?fit=1731%2C835","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"http:\/\/119.45.47.125\/index.php\/wp-json\/wp\/v2\/posts\/445","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/119.45.47.125\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/119.45.47.125\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/119.45.47.125\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/119.45.47.125\/index.php\/wp-json\/wp\/v2\/comments?post=445"}],"version-history":[{"count":11,"href":"http:\/\/119.45.47.125\/index.php\/wp-json\/wp\/v2\/posts\/445\/revisions"}],"predecessor-version":[{"id":639,"href":"http:\/\/119.45.47.125\/index.php\/wp-json\/wp\/v2\/posts\/445\/revisions\/639"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/119.45.47.125\/index.php\/wp-json\/wp\/v2\/media\/404"}],"wp:attachment":[{"href":"http:\/\/119.45.47.125\/index.php\/wp-json\/wp\/v2\/media?parent=445"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/119.45.47.125\/index.php\/wp-json\/wp\/v2\/categories?post=445"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/119.45.47.125\/index.php\/wp-json\/wp\/v2\/tags?post=445"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}