Create Weaver_E-office_Office_Automation_System_download.php_filename_file_read_vulnerability.md

add Weaver E-office Office Automation System download.php filename file read vulnerability
Goby 2023-06-21 17:00:35 +08:00 committed by GitHub
parent 1cf9c370c8
commit fbb45c1a31
GPG Key ID: 4AEE18F83AFDEB23


@ -0,0 +1,12 @@
## Weaver E-office Office Automation System download.php filename file read vulnerability
| **Vulnerability** | **Weaver E-office Office Automation System download.php filename file read vulnerability** |
| :----: | :-----|
| **Chinese name** | 泛微E-office协同办公系统 download.php 文件 filename 参数文件读取漏洞 |
| **CVSS core** | 5.0 |
| **FOFA Query** (click to view the results directly)| [((header="general/login/index.php" \|\| body="/general/login/view//images/updateLoad.gif" \|\| (body="szFeatures" && body="eoffice") \|\| header="Server: eOffice") && body!="Server: couchdb") \|\| banner="general/login/index.php"](https://en.fofa.info/result?qbase64=KChoZWFkZXI9ImdlbmVyYWwvbG9naW4vaW5kZXgucGhwIiB8fCBib2R5PSIvZ2VuZXJhbC9sb2dpbi92aWV3Ly9pbWFnZXMvdXBkYXRlTG9hZC5naWYiIHx8IChib2R5PSJzekZlYXR1cmVzIiAmJiBib2R5PSJlb2ZmaWNlIikgfHwgaGVhZGVyPSJTZXJ2ZXI6IGVPZmZpY2UiKSAmJiBib2R5IT0iU2VydmVyOiBjb3VjaGRiIikgfHwgYmFubmVyPSJnZW5lcmFsL2xvZ2luL2luZGV4LnBocCI%3D) |
| **Number of assets affected** | 4971 |
| **Description** | Weaver E-office Office Automation System is a professional office software, is for small business or team work platform. There are file reading vulnerabilities in the Weaver E-office Office Automation System.Attackers can use this vulnerability to read important system files (such as database configuration files, system configuration files), database configuration files, etc., resulting in an extremely insecure state of the website. |
| **Impact** | There are file reading vulnerabilities in the Weaver E-office Office Automation System.Attackers can use this vulnerability to read important system files (such as database configuration files, system configuration files), database configuration files, etc., resulting in an extremely insecure state of the website. |
![](https://s3.bmp.ovh/imgs/2023/06/21/008f7969a69cf000.gif)
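Review bot: The **Description** and **Impact** rows repeat the same two sentences word for word ("There are file reading vulnerabilities in the Weaver E-office Office Automation System.Attackers can use this vulnerability to read important system files ..."), so the Impact row adds nothing, and no row gives affected versions or a remediation. Suggest cutting Impact down to the consequence only, adding rows for affected versions and for the vendor fix or mitigation, and describing in one sentence how the `filename` parameter of `download.php` is involved, since the title names both but the body never mentions them. Smaller points in the same hunk: the header cell "**CVSS core**" should read "**CVSS score**"; "System.Attackers" is missing a space after the period; "database configuration files" is listed twice in the same sentence; the image on the last line has empty alt text and is loaded from a third-party host (s3.bmp.ovh), so committing it to the repository with a descriptive alt text would keep the entry readable if that link goes away.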