漏洞描述
openSIS v9.1存在路径遍历,攻击者可以获取服务器敏感文件
openSIS v9.1存在路径遍历(CVE-2023-38879)
PoC代码
暂无相关漏洞推荐
- POCCVE-2020-6637: OpenSIS 7.3 - SQL Injection
- POCCVE-2021-40542: Opensis-Classic 8.0 - Cross-Site Scripting
- POCCVE-2021-40651: OS4Ed OpenSIS Community 8.0 - Local File Inclusion
- POCCVE-2021-41691: openSIS Student Information System 8.0 SQL Injection
- POCCVE-2023-38879: openSIS v9.0 - Path Traversal
- POCCVE-2024-35584: openSIS < 9.1 - SQL Injection
- POCCVE-2024-51211: openSIS Classic v9.1 - SQL Injection
- POCCVE-2020-6637: OpenSIS 7.3 - SQL Injection
- POCCVE-2021-40542: Opensis-Classic 8.0 - Cross-Site Scripting
- POCCVE-2021-40651: OS4Ed OpenSIS Community 8.0 - Local File Inclusion
- POCCVE-2021-41691: openSIS Student Information System 8.0 SQL Injection
- POCCVE-2023-38879: openSIS v9.0 - Path Traversal
- POCCVE-2024-35584: openSIS < 9.1 - SQL Injection