From d6144d98acc85838096a253aa29dc3ff6baa194b Mon Sep 17 00:00:00 2001
From: wy876 <139549762+wy876@users.noreply.github.com>
Date: Thu, 16 Nov 2023 20:40:26 +0800
Subject: [PATCH] =?UTF-8?q?Update=20=E8=93=9D=E5=87=8COAsysUiComponent=20?=
 =?UTF-8?q?=E6=96=87=E4=BB=B6=E5=AD=98=E5=9C=A8=E4=BB=BB=E6=84=8F=E6=96=87?=
 =?UTF-8?q?=E4=BB=B6=E4=B8=8A=E4=BC=A0=E6=BC=8F=E6=B4=9E.md?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 蓝凌OAsysUiComponent 文件存在任意文件上传漏洞.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/蓝凌OAsysUiComponent 文件存在任意文件上传漏洞.md b/蓝凌OAsysUiComponent 文件存在任意文件上传漏洞.md
index 7dc5e3e..f5f370f 100644
--- a/蓝凌OAsysUiComponent 文件存在任意文件上传漏洞.md	
+++ b/蓝凌OAsysUiComponent 文件存在任意文件上传漏洞.md	
@@ -8,6 +8,7 @@ app="Landray-OA系统"
 
 
 ## poc
+直接访问路径，发现未授权文件上传 http://.com/sys/ui/sys_ui_component/sysUiComponent.do?method=upload
 ![c9857f5370d4abd1547fa7cb1988a18a](https://github.com/wy876/POC/assets/139549762/ee361dae-cfa2-4eae-910f-501331731347)
 
 ```