admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-06-20 01:40:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create UF_U8_Cloud_upload.jsp_file_upload_vulnerability.md

Browse Source
This commit is contained in:
Goby 2023-09-06 17:36:51 +08:00 committed by GitHub
parent 2c9716a391
commit 9493060453
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
UF_U8_Cloud_upload.jsp_file_upload_vulnerability.md Normal file
View File

@ -0,0 +1,12 @@
## UF U8 Cloud upload.jsp file upload vulnerability
| **Vulnerability** | **UF U8 Cloud upload.jsp file upload vulnerability** |
| :----: | :-----|
| **Chinese name** | 用友 U8 Cloud upload.jsp 文件上传漏洞 |
| **CVSS core** | 9.8 |
| **FOFA Query** (click to view the results directly)| [body="开启U8 cloud云端之旅"](https://en.fofa.info/result?qbase64=Ym9keT0i5byA5ZCvVTggY2xvdWTkupHnq6%2FkuYvml4Ui) |
| **Number of assets affected** | 13473 |
| **Description** | yonyou U8 cloud is a cloud ERP developed by yonyou.There is a file upload vulnerability in yonyou U8 upload.jsp, which can be exploited by attackers to gain server privileges. |
| **Impact** | Attackers can use this vulnerability to upload file, execute code on the server side, write backdoors, obtain server permissions, and then control the entire web server. |
![](https://s3.bmp.ovh/imgs/2023/09/06/407cf745d8210300.gif)