ADD drupal_6340

2025-12-30 22:33:14 +00:00 · 2020-12-13 22:31:43 +08:00 · 2020-12-13 22:31:43 +08:00 · 0c9b6a34ed
commit 0c9b6a34ed
parent bec4395e4d
1 changed files with 5 additions and 5 deletions
--- a/Seeyon/htmlofficeservlet_uploadfile_getshell/README.md
+++ b/Seeyon/htmlofficeservlet_uploadfile_getshell/README.md
@ -1,11 +1,11 @@
-# CVE-2020-24571 NexusDB path traversal
+# Seeyon OA htmlofficeservlet upload file getshell

-NexusQA NexusDB before 4.50.23 allows the reading of files via ../ directory traversal.
+致远是从事OA办公自动化软件的开发销售与服务工作，致远OA在国内使用广泛。该漏洞可造成任意文件上传，恶意攻击者通过精心构造POST数据来上传JSP Webshell，提升服务器权限，从而控制服务器或对系统造成破坏。

-**Affected version**: nexusdb < 4.50.23
+**Affected version**: 致远A8-V5协同管理软件 V6.1sp1、致远A8+协同管理软件

-**[FOFA](https://fofa.so/result?q=header%3D%22Server%3A+NexusDB%22&qbase64=aGVhZGVyPSJTZXJ2ZXI6IE5leHVzREIi&file=&file=) query rule**: header="Server: NexusDB"
+**[FOFA](https://fofa.so/result?qbase64=YXBwPSJZb255b3UtU2VleW9uLU9BIiB8fCBhcHA9IlNlZXlvbi1TZXJ2ZXIi) query rule**: app="Yonyou-Seeyon-OA" || app="Seeyon-Server"

 # Demo

-![](CVE-2020-24571.gif)
+![](zhiyuan_htmlofficeservlet_getshell.gif)