漏洞描述
任我行CRM存在反序列化漏洞,该漏洞是由于UploadFile接口对用户发送的请求验证不当导致的。
任我行CRM UploadFile 反序列化漏洞
PoC代码
暂无相关漏洞推荐
- 同享人力资源管理系统 /MobileService/Web/Handler/hdlUploadFile.ashx 文件上传漏洞
- POC CNVD-2021-49104: 泛微OA E-Office UploadFile.php 任意文件上传漏洞
- POC enjoyscm-uploadfile: enjoyscm UploadFile任意文件上传
- POC esafenet-uploadfilefromclientserviceforclient-fileupload: 亿赛通 电子文档安全管理系统 UploadFileFromClientServiceForClient 任意文件上传
- POC jinher-uploadfileblock-fileupload: 金和OA UploadFileBlock接口任意文件上传
- POC kingdee-eas-myuploadfile-fileupload: 金蝶EAS myUploadFile接口任意文件上传
- POC livebos-uploadfile-do-fileupload: LiveBOS UploadFile.do 任意文件上传漏洞(XVE-2023-21708)
- POC yonyou-grp-u8-upload-file-data: 用友 GRP-U8 UploadFileData 任意文件上传漏洞
- POC yonyou-grp-u8-uploadfiledata: 用友 GRP-U8 UploadFileData 任意文件上传
- POC jinhe-oa-c6-upload-lfi: Jinhe OA_C6_UploadFileDownLoadnew - Arbitrary File Read
- POC grp-u8-uploadfiledata: UFIDA GRP-U8 UploadFileData - Arbitrary File Upload
- 汉王e脸通综合管理平台 /manage/dgmCommand/resourceUploadFile.do 文件上传漏洞
- 汉王e脸通综合管理平台 resourceUploadFile.do 任意文件上传漏洞