漏洞描述
Fortra FileCatalyst Workflow存在目录遍历漏洞,此漏洞是ftpservlet对用户的请求验证不当导致的。
Fortra FileCatalyst Workflow CVE-2024-25153 目录遍历漏洞
PoC代码
暂无相关漏洞推荐
- (CVE-2025-10035)Fortra GoAnywhere MFT License Servlet反序列化漏洞可能导致命令注入
- 明源地产ERP系统 /Hkbgl/PhoneWorkflow/Business/PhoneHandler.ashx SQL 注入漏洞
- POC CVE-2023-0669: Fortra GoAnywhere MFT - Remote Code Execution
- POC CVE-2024-0204: Fortra GoAnywhere MFT - Authentication Bypass
- POC CVE-2024-5276: Fortra FileCatalyst Workflow <= v5.1.6 - SQL Injection
- POC e-cology-workflowcentertreedata-sqli: 泛微OA E-Cology WorkflowCenterTreeData SQL注入漏洞
- POC github-workflows-disclosure: Github Workflow Disclosure
- 泛微OA E-Cology WorkflowRequestServlet 存在XXE漏洞
- 明源地产ERP /MyWorkflowManagement/WebService/WFWebService.asmx 命令执行漏洞
- 泛微OA E-cology WorkflowServiceXml getUserId SQL注入漏洞
- 泛微e-cology WorkflowServiceXml SQL注入漏洞
- Weaver e-cology /services/WorkflowServiceXml 远程代码执行漏洞
- 金蝶云星空 Workflow 存在反序列化漏洞