漏洞描述
AOFAX傲发办公通信专家email.ashx存在任意文件上传漏洞,未经授权的攻击者可通过该漏洞获取服务器控制权限。
AOFAX傲发办公通信专家email.ashx存在任意文件上传漏洞
PoC代码
暂无相关漏洞推荐
- CNVD-2019-16798: Coremail Information Disclosure
- coremail-manager-password-disclosure: Coremail 邮件系统未授权访问获取管理员账密
- WordPress Plugin email-subscribers /wp-admin/admin-post.php advanced_filter SQL 注入漏洞(CVE-2024-2876)
- POC azure-sql-va-emails-unconfigured: Azure SQL Classic VA Emails Unconfigured
- POC smartoa-emaildownload-file-read: 智明 SmartOA EmailDownload.ashx 任意文件下载漏洞
- POC yonyou-u8-crm-getemaildata-fileread: 用友 U8 CRM客户关系管理系统 getemaildata.php 任意文件读取漏洞
- POC yonyou-u8-crm-getemaildata-uploadfile: 用友 U8 CRM客户关系管理系统 getemaildata.php 任意文件上传漏洞
- POC coremail-config-disclosure: Coremail - Config Discovery
- POC wp-email-subscribers-listing: WordPress Plugin Email Subscribers Listing
- POC wp-woocommerce-email-verification: Email Verification for WooCommerce < 1.8.2 - Loose Comparison to Authentication Bypass
- POC yonyou-u8-crm-fileupload: UFIDA U8-CRM getemaildata - Arbitary File Upload
- POC yonyou-u8-crm-lfi: UFIDA U8 CRM getemaildata.php - Arbitrary File Read
- AOFAX傲发办公通信专家Checkingin.ashx存在SQL注入漏洞