漏洞描述
Edraw PDF Viewer Component是轻型的ActiveX空间,允许应用程序显示和操作PDF文件 。 PDFVIEWER.PDFViewerCtrl.1 ActiveX控件(pdfviewer.ocx)所提供的FtpDownloadFile()方式没有正确地验证用户所提供的输入参数,如果用户受骗访问了恶意网页,就可能向系统上的任意位置下载文件 。
Edraw PDF Viewer Component "pdfviewer.ocx" 任意文件上传漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2025-55184: React Server Components - Denial of Service
- POC CVE-2025-55182: React Server Components - Remote Code Execution
- 月子会所ERP管理云平台 /Page/upload/UploadComponentHandler.ashx 文件上传漏洞
- POC React Server Components 远程代码执行漏洞(CVE-2025-55182)
- POC CVE-2021-34427: Eclipse BIRT Viewer - Remote Code Execution
- POC gradio-image-ssrf: Gradio Image Component - Server-Side Request Forgery
- 蓝凌OA /sys/ui/sys_ui_component/sysUiComponent.do 命令执行漏洞
- POC CVE-2008-6172: Joomla! Component RWCards 3.0.11 - Local File Inclusion
- POC CVE-2010-0157: Joomla! Component com_biblestudy - Local File Inclusion
- POC CVE-2010-0467: Joomla! Component CCNewsLetter - Local File Inclusion
- POC CVE-2010-0696: Joomla! Component Jw_allVideos - Arbitrary File Retrieval
- POC CVE-2010-0942: Joomla! Component com_jvideodirect - Directory Traversal
- POC CVE-2010-0943: Joomla! Component com_jashowcase - Directory Traversal