add about CNVD-2020-10487(CVE-2020-1938), tomcat ajp 文件读取/包含漏洞poc

2025-06-21 10:21:35 +00:00 · 2020-02-21 13:10:38 +08:00 · 2020-02-21 13:10:38 +08:00 · 60e36a0b82
commit 60e36a0b82
parent d233499215
1 changed files with 1 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -120,6 +120,7 @@
 - [CVE-2020-7471-django1.11-1.11.282.2-2.2.103.0-3.0.3 StringAgg(delimiter)使用了不安全的数据会造成SQL注入漏洞环境和POC](https://github.com/Saferman/CVE-2020-7471)
 - [CVE-2019-17564 : Apache Dubbo反序列化漏洞](https://www.anquanke.com/post/id/198747)
 - [YzmCMS 5.4 后台getshell](https://xz.aliyun.com/t/7231)
+- [CNVD-2020-10487(CVE-2020-1938), tomcat ajp 文件读取漏洞poc](https://github.com/nibiwodong/CNVD-2020-10487-Tomcat-ajp-POC)|[Java版本POC](https://github.com/0nise/CVE-2020-1938)|[Tomcat-Ajp协议文件读取漏洞](https://github.com/YDHCUI/CNVD-2020-10487-Tomcat-Ajp-lfi/)

 ## 提权辅助相关