漏洞描述
泛微协同管理应用平台(e-cology)是一套兼具企业信息门户、知识管理、数据中心、工作流管理、人力资源管理、客户与合作伙伴管理、项目管理、财务管理、资产管理功能的协同商务平台。泛微e-cologyln.FileDownload存在目录穿越漏洞,攻击者可利用该漏洞获取敏感信息。
泛微Ecology OA ln.FileDownload目录穿越漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2014-0160: OpenSSL Heartbleed Vulnerability
- POC CVE-2012-1226: Dolibarr ERP/CRM 3.2 Alpha - Multiple Directory Traversal Vulnerabilities
- POC CVE-2013-2248: Apache Struts - Multiple Open Redirection Vulnerabilities
- POC CVE-2016-4437: Apache Shiro 1.2.4 Cookie RememberME - Deserial Remote Code Execution Vulnerability
- POC CVE-2020-1956: Apache Kylin 3.0.1 - Command Injection Vulnerability
- POC CVE-2021-26855: Microsoft Exchange Server SSRF Vulnerability
- POC CVE-2021-43778: GLPI plugin Barcode < 2.6.1 - Path Traversal Vulnerability.
- POC CVE-2022-0432: Mastodon Prototype Pollution Vulnerability
- POC CVE-2022-27849: WordPress Simple Ajax Chat <20220116 - Sensitive Information Disclosure vulnerability
- POC CVE-2023-20889: VMware Aria Operations for Networks - Code Injection Information Disclosure Vulnerability
- POC CVE-2023-34993: Fortinet FortiWLM Unauthenticated Command Injection Vulnerability
- POC CVE-2024-13159: Ivanti EPM - Credential Coercion Vulnerability in GetHashForWildcardRecursive
- POC CVE-2024-13160: Ivanti EPM - Credential Coercion Vulnerability in GetHashForWildcard