admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-06-20 18:00:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create yongyou_GRP-U8_U8App_Proxy_Arbitrary_file_upload_vulnerability.md

Browse Source 
add yongyou GRP-U8 U8AppProxy Arbitrary file upload vulnerability
This commit is contained in:
Goby 2023-06-09 17:58:19 +08:00 committed by GitHub
parent 144b548805
commit 3025991a2e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
yongyou_GRP-U8_U8App_Proxy_Arbitrary_file_upload_vulnerability.md Normal file
View File

@ -0,0 +1,12 @@
## yongyou GRP-U8 U8AppProxy Arbitrary file upload vulnerability
| **Vulnerability** | **yongyou GRP-U8 U8AppProxy Arbitrary file upload vulnerability** |
| :----: | :-----|
| **Chinese name** | 用友GRP-U8 软件 U8AppProxy 任意文件上传漏洞 |
| **CVSS core** | 9.0 |
| **FOFA Query** (click to view the results directly)| [body="window.location.replace(\"login.jsp?up=1\")" \|\| body="GRP-U8"](https://en.fofa.info/result?qbase64=Ym9keT0id2luZG93LmxvY2F0aW9uLnJlcGxhY2UoXCJsb2dpbi5qc3A%2FdXA9MVwiKSIgfHwgYm9keT0iR1JQLVU4Ig%3D%3D) |
| **Number of assets affected** | 1308 |
| **Description** | Yonyou GRP-U8 management software is a new generation of products launched by UFIDA focusing on national e-government affairs and based on cloud computing technology. It is the most professional government financial management software in the field of administrative affairs and finance in my country. UFIDA GRP-U8 management software U8AppProxy has an arbitrary file upload vulnerability, an attacker can upload a webshell to obtain server permissions.|
| **Impact** | UFIDA GRP-U8 management software U8AppProxy has an arbitrary file upload vulnerability, an attacker can upload a webshell to obtain server permissions. |
![](https://s3.bmp.ovh/imgs/2023/06/08/5cccc970d4c3d964.gif)