GobyVuls/UF_U8_Cloud_upload.jsp_file_upload_vulnerability.md at master - GobyVuls - 临风笛

admin/GobyVuls

mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-05 10:16:59 +00:00

Goby 9493060453

Create UF_U8_Cloud_upload.jsp_file_upload_vulnerability.md

2023-09-06 17:36:51 +08:00

920 B

Raw Permalink Blame History

UF U8 Cloud upload.jsp file upload vulnerability

Vulnerability	UF U8 Cloud upload.jsp file upload vulnerability
Chinese name	用友 U8 Cloud upload.jsp 文件上传漏洞
CVSS core	9.8
FOFA Query (click to view the results directly)	body="开启U8 cloud云端之旅"
Number of assets affected	13473
Description	yonyou U8 cloud is a cloud ERP developed by yonyou.There is a file upload vulnerability in yonyou U8 upload.jsp, which can be exploited by attackers to gain server privileges.
Impact	Attackers can use this vulnerability to upload file, execute code on the server side, write backdoors, obtain server permissions, and then control the entire web server.