漏洞描述
福建科立讯通信指挥调度平台存在文件上传漏洞。此漏洞是由于/custom/相关接口对用户上传的文件缺乏校验导致的。
福建科立讯通信指挥调度平台 custom 接口文件上传漏洞
PoC代码
暂无相关漏洞推荐
- Flowise /api/v1/node-load-method/customMCP 命令执行漏洞(CVE-2025-8943)
- 万户ezOFFICE协同管理平台 /defaultroot/platform/custom/customizecenter/js/getAutoCode.jsp;.js SQL 注入漏洞
- 福建科立讯通信指挥调度管理平台 /custom/zx/upload.php 文件上传漏洞
- 万户ezOFFICE协同平台 /defaultroot/iWebOfficeSign/OfficeServer.jsp/../../modules/hrm/report/customize/checkSQL_httprequest.jsp SQL 注入漏洞
- Adobe Commerce/Magento SessionReaper /customer/address_file/upload 文件上传漏洞(CVE-2025-54236)
- 万户OA /defaultroot/govezoffice/custom_documentmanager/smartUpload.jsp 文件上传漏洞
- POC CVE-2010-1315: Joomla! Component webERPcustomer - Local File Inclusion
- POC CVE-2023-30150: PrestaShop leocustomajax 1.0 & 1.0.0 - SQL Injection
- POC custom-ram-policy-admin-priv: Custom RAM Policies With Full Administrative Privileges
- POC cloudfront-custom-certificates: Cloudfront Custom SSL/TLS Certificates - In Use
- POC azure-custom-admin-role-unrestricted: Azure Subscription Administrator Custom Role Unrestricted Access
- POC azure-custom-owner-role-unrestricted: Azure Custom Owner Role Available
- POC baiteng-customer-relationship-system-weak-password: 百腾客户关系系统弱口令