网御星云-网页防篡改系统古老版本多个漏洞

From PwnWiki

Revision as of 09:16, 10 June 2021 by Pwnwiki (talk | contribs) (Created page with "密码都是：Admin%100")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Other languages:

Chinese • ‎中文（中国大陆）‎ • ‎中文（台灣）‎ • ‎中文（繁體）‎

影响版本

网御星云网页防篡改系统较古老的版本

FOFA

title = "网御web应用安全防护系统v3.0"
title = "网页防篡改系统"

弱口令

super(超级管理员)

admin(系统管理员)

operator(操作员)

viewer(审查员)

密码都是：Admin%100

未授权信息泄漏

URL+/API/

帐号信息泄漏

URL+/API/user/list

系统信息泄漏

URL+/API/system_info/list

目录遍历

URL+/doc/
URL+/images/
URL+/audio/
URL+/fonts/

参考

https://short.pwnwiki.org/?c=WtUWOp

Retrieved from "https://pwnwiki.com/index.php?title=網禦星雲-網頁防篡改系統古老版本多個漏洞/zh-cn&oldid=4528"