漏洞描述
【漏洞对象】Metinfo 【漏洞描述】 该产品thumb.php文件中参数y、dirwe存在任意文件读取漏洞。
Metinfo thumb.php-任意文件读取
PoC代码
暂无相关漏洞推荐
- CVE-2019-16996: Metinfo 7.0.0beta SQL Inject
- CVE-2019-16997: Metinfo sql inject
- CVE-2019-17418: Metinfo sql inject
- POC CVE-2019-16996: Metinfo 7.0.0 beta - SQL Injection
- POC CVE-2019-16997: Metinfo 7.0.0 beta - SQL Injection
- POC CVE-2019-17418: MetInfo 7.0.0 beta - SQL Injection
- POC CVE-2023-50917: MajorDoMo thumb.php - OS Command Injection
- POC CNVD-2018-13393: Metinfo file read
- POC CNVD-2018-13393: Metinfo - Local File Inclusion
- POC CVE-2015-9415: BJ Lazy Load (Timthumb) <= 0.7.5 - Remote File Inclusion
- POC weaver-sptmforportalthumbnail-lfi: OA E-Weaver SptmForPortalThumbnail - Arbitrary File Read
- POC metinfo-file-read: Metinfo file read
- MetInfo /app/system/entrance.php 任意文件上传漏洞