admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-06 18:52:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add Dwsurvey 3.2 Arbitrary File Read

Browse Source
This commit is contained in:
xiaoheihei1107 2021-09-24 18:19:51 +08:00 committed by GitHub
parent ccd92a357d
commit fb021a795a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
Dwsurvey/Dwsurvey_3_2_Arbitrary_File_Read/README.md Normal file
View File

@ -0,0 +1,10 @@
# Dwsurvey 3.2 Arbitrary File Read
DWSurvey is a convenient, efficient and stable survey questionnaire system, an open source questionnaire form system based on JAVA WEB. The filePath parameter of the ToHtmlServlet.java file in the dwsurvey-oss-v3.2.0 version has an arbitrary file reading vulnerability.
FOFA **query rule**: [app="DIAOWEN-问卷表单系统"](https://fofa.so/result?qbase64=YXBwPSJESUFPV0VOLemXruWNt%2BihqOWNleezu%2Be7nyI%3D)
# Demo
![Dwsurvey_3_2_Arbitrary_File_Read](Dwsurvey_3_2_Arbitrary_File_Read.gif)