漏洞描述
攻击者可通过该漏洞读取系统重要文件(如数据库配置文件、系统配置文件)、数据库配置文件等等,导致网站处于极度不安全状态。
Casdoor /static 文件读取漏洞
PoC代码
暂无相关漏洞推荐
- 智联云采 SRM2.0 /adpweb/static/..;/a/db/dbBackupScheme/restore 命令执行漏洞
- lsfusion /file/static/noauth 目录遍历漏洞(CVE-2025-13261)
- 智互联-SRM /adpweb/static/..;/api/authority/getUser 信息泄露漏洞
- POC CVE-2022-24124: Casdoor 1.13.0 - Unauthenticated SQL Injection
- POC CVE-2022-24124: Casdoor 1.13.0 - Unauthenticated SQL Injection
- POC casdoor-static-fileread: Casdoor 任意文件读取漏洞
- POC casdoor-unauth-operations: Casdoor <=v1.811.0 - Unauthenticated SCIM Operations
- POC casdoor-users-password: Casdoor get-users Account Password Disclosure
- Solara /static/nbextensions/ 文件读取漏洞(CVE-2024-39903)
- 短视频矩阵营销系统 /static/admin/upload_file/php/upload.php 文件上传漏洞
- PbootCMS /static/backup/sql/pbootcms_v310.sql 信息泄露漏洞
- TraggoServer /static 文件读取漏洞(CVE-2023-34843)
- 云时空社会化商业ERP系统 /static/js/public.js Shiro 代码执行漏洞