漏洞描述
URVE Web Manager _internal/download.php文件读取漏洞,攻击者可利用该获取系统文件信息。
URVE Web Manager download.php文件读取漏洞
PoC代码
暂无相关漏洞推荐
- POC magento-downloader-fpd: Magento Downloader - Full Path Disclosure
- POC wp-duracelltomi-google-tag-manager-fpd: WordPress Plugin Google Tag Manager - Full Path Disclosure
- ETAP Safety Manager 跨站脚本漏洞
- POC CVE-2020-26836: SAP Solution Manager - Open Redirect
- POC bitrix-log-file-disclosure: Bitrix Site Manager - Log File Disclosure
- POC nexus-repository-anonymous-access: Nexus Repository Manager - Anonymous Access Enabled
- 天地伟业 Easy7 /Easy7/rest/file/downloadWordRecord 文件读取漏洞
- 大华ICC智能物联综合管理平台 file_download 任意文件读取漏洞
- POC CVE-2019-25213: WordPress Advanced Access Manager - Path Traversal
- POC aem-anonymous-write: Adobe Experience Manager (AEM) - Anonymous JCR Node Creation
- 友加畅捷管理系统 /Controllers/ajax/downloadfile.ashx 文件读取漏洞
- 大华智能物联综合管理平台 /evo-apigw/evo-cirs/file/download 文件读取漏洞
- 中成科信票务管理系统 /SystemManager/Api/TicketManager.ashx SQL 注入漏洞