漏洞描述
【漏洞对象】用友uapws 【漏洞描述】 该系统存在命令执行漏洞,远程攻击者可通过特制的参数利用此漏洞执行任意代码。
用友uapws前台-获得Shell
PoC代码
暂无相关漏洞推荐
- yonyou-ufida-oa-uapws-xxe: 用友 UFIDA OA XXE
- POC CVE-2022-42889: Text4Shell - Remote Code Execution
- POC CVE-2009-0545: ZeroShell <= 1.0beta11 Remote Code Execution
- POC CVE-2014-2321: ZTE Cable Modem Web Shell
- POC CVE-2014-6271: ShellShock - Remote Code Execution
- POC CVE-2019-8943: WordPress Core 5.0.0 - Crop-image Shell Upload
- POC CVE-2020-16846: SaltStack <=3002 - Shell Injection
- POC CVE-2021-24347: WordPress SP Project & Document Manager <4.22 - Authenticated Shell Upload
- POC CVE-2023-34124: SonicWall GMS and Analytics Web Services - Shell Injection
- POC CVE-2025-53770: Microsoft SharePoint Server - Remote Code Execution (ToolShell)
- POC CVE-2014-6271: ShellShock - Remote Code Execution
- POC CVE-2020-16846: SaltStack Shell Injection
- POC home-env-permission: User Home Directory and Shell Environment File Ownership & Permission