漏洞描述
74CMS人才招聘系统/upload/application/index/controller/Download.php文件任意文件读取漏洞,可读取系统配置等文件,导致网站处于极度不安全状态。
74CMS任意文件读取(CVE-2022-26271)
PoC代码
暂无相关漏洞推荐
- CVE-2020-22208: 74cms - ajax_street.php 'x' SQL Injection
- POC CVE-2020-22208: 74cms - ajax_street.php 'x' SQL Injection
- POC CVE-2020-22209: 74cms - ajax_common.php SQL Injection
- POC CVE-2020-22210: 74cms - ajax_officebuilding.php SQL Injection
- POC CVE-2020-22211: 74cms - ajax_street.php 'key' SQL Injection
- POC CVE-2022-26271: 74cmsSE v3.4.1 - Arbitrary File Read
- POC CVE-2020-22209: 74cms - ajax_common.php SQL Injection
- POC CVE-2020-22210: 74cms - ajax_officebuilding.php SQL Injection
- POC CVE-2020-22211: 74cms - ajax_street.php 'key' SQL Injection
- POC 74cms-sqli-1: 74 CMS SQL 注入漏洞
- POC 74cms-sqli-2: 74 CMS SQL 注入漏洞
- POC CVE-2020-29279: 74CMS - Remote File Inclusion
- POC 74cms-weixin-sqli: 74CMS weixin.php - SQL Injection