用友 U8 cloud nc.itf.uap.pfxx.IPFxxFileService 存在任意文件上传漏洞
PoC代码
暂无相关漏洞推荐
- 锁群管理系统 /inc/CheckLogin.aspx 默认口令漏洞
- POC CVE-2018-17082: Apache2 - Transfer-Encoding Chunked XSS
- POC CVE-2019-25213: WordPress Advanced Access Manager - Path Traversal
- POC CVE-2020-11732: Media Library Assistant < 2.82 - Unauthenticated Limited Local File Inclusion
- POC CVE-2023-5815: News & Blog Designer Pack – WordPress Blog Plugin <= 3.4.1 - Unauthenticated Local File Inclusion
- POC aem-anonymous-write: Adobe Experience Manager (AEM) - Anonymous JCR Node Creation
- POC functions-php-disclosure: functions.php Full Path Disclosure
- 用友NC存在 oncelogin/getAuth SQL注入漏洞
- Oracle Identity Manager /iam/governance/applicationmanagement/api/v1/applications/groovyscriptstatus;.wadl 命令执行漏洞(CVE-2025-61757)
- KINGOSOFT高校智慧校园教学综合服务平台 /jw/lessonchangeapply/jwComFileDownload.action 文件读取漏洞
- 用友NC /portal/pt/oacoSchedulerEvents/uncancelEvent SQL 注入漏洞
- 亿赛通电子文档安全管理系统 /CDGServer3/dwr/call/plaincall/JLockSeniorDao.findByLockName.dwr SQL 注入漏洞
- POC CVE-2025-31486: Vite server.fs.deny Bypass - Local File Inclusion