漏洞描述
OAezoffice是万户网络协同办公产品多年来一直将主要精力致力于中高端市场的一款OA协同办公软件产品。攻击者可以利用该漏洞,在OA前台进行任意文件上传,拿下服务器的权限,危害极大。
万户网络 ezOffice OA 任意文件上传漏洞OfficeServer.jsp
PoC代码
暂无相关漏洞推荐
- 九思OA /jsoa/OfficeServer 文件上传漏洞
- 万户ezOFFICE协同平台 /defaultroot/iWebOfficeSign/OfficeServer.jsp/../../modules/hrm/report/customize/checkSQL_httprequest.jsp SQL 注入漏洞
- e-office-v10-officeserver-upload: 泛微OA E-Office OfficeServer.php 任意文件上传漏洞
- POC wanhu-defaultroot-sqli-1: 万户 Ezoffice OA defaultroot SQL注入
- POC wanhu-defaultroot-sqli-2: 万户 Ezoffice OA defaultroot SQL注入
- POC wanhu-defaultroot-sqli-3: 万户 Ezoffice OA defaultroot SQL注入
- POC wanhu-defaultroot-sqli: 万户 Ezoffice OA defaultroot SQL注入
- POC wanhu-oa-officeserver-upload-file: 万户OA OfficeServer.jsp 任意文件上传漏洞
- POC wanhuoa-officeserverservlet-file-upload: Wanhu OA OfficeServerServlet - Arbitrary File Upload
- POC weaver-office-server-file-upload: OA E-Office OfficeServer.php Arbitrary File Upload
- 九思OA OfficeServer存在SQL注入漏洞
- 万户ezOFFICE /defaultroot/iWebOfficeSign/OfficeServer.jsp/../../public/iWebRevision.jsp/Signature/SignatureEditFrm.jsp SQL 注入漏洞
- POC 九思OA OfficeServer 文件读取漏洞