Landray OA 漏洞列表
共找到 12 个与 Landray OA 相关的漏洞
📅 加载漏洞趋势中...
-
CNVD-2021-28277: Landray OA Custom JSP file rread POC
深圳市蓝凌软件股份有限公司数字OA(EKP)存在任意文件读取漏洞。攻击者可利用漏洞获取敏感信息,读取配置文件得到密钥后访问 admin.do 即可利用 JNDI远程命令执行获取权限 fofa: app="Landray-OA系统" -
landray-oa-panel: Landray OA Panel Login POC
app="Landray-OA系统" -
landray-oa-datajson-rce: Landray OA Datajson RCE POC
Landray Office Automation (OA) software, specifically in the "s_bean" component's "sysFormulaSimulateByJS" functionality. This vulnerability allows remote code execution (RCE), enabling attackers to execute arbitrary code on a target system. Fofa: app="Landray-OA系统" -
landray-oa-kmImeetingBookWebService-fileread: Landray OA kmImeetingBookWebService File Read POC
Landray OA System kmImeetingBookWebService interface has an arbitrary file read vulnerability. The vulnerability exists in the getImeetingBookLists method which can be exploited to read arbitrary files on the system. FOFA: body="Com_Parameter" -
landray-oa-loginWebserviceService-fileread: Landray OA loginWebserviceService File Read POC
Landray OA System loginWebserviceService interface has an arbitrary file read vulnerability. The vulnerability exists in the getLoginSessionId method which can be exploited to read arbitrary files on the system. FOFA: body="Com_Parameter" -
landray-oa-sysNotifyTodoWebService-fileread: Landray OA sysNotifyTodoWebService File Read POC
Landray OA System sysNotifyTodoWebService interface has an arbitrary file read vulnerability. The vulnerability exists in the getTodoCount method which can be exploited to read arbitrary files on the system. FOFA: body="Com_Parameter" -
landray-oa-sysNotifyTodoWebServiceEkpj-fileread: Landray OA sysNotifyTodoWebServiceEkpj File Read POC
Landray OA System sysNotifyTodoWebServiceEkpj interface has an arbitrary file read vulnerability. The vulnerability exists in the getAllTodoId method which can be exploited to read arbitrary files on the system. FOFA: body="Com_Parameter" -
landray-oa-syssearchmain-rce: Landray sysSearchMain.do RCE POC
蓝凌OA sysSearchMain.do文件 存在任意文件写入漏洞,攻击者获取后台权限后可通过漏洞写入任意文件,也可以通过 custom.jsp 文件未授权写入恶意文件 app="Landray-OA系统" -
landray-oa-sysSynchroGetOrgWebService-fileread: Landray OA sysSynchroGetOrgWebService File Read POC
Landray OA System sysSynchroGetOrgWebService interface has an arbitrary file read vulnerability. The vulnerability exists in the getOrgStaffingLevelInfo method which can be exploited to read arbitrary files on the system. FOFA: body="Com_Parameter" -
landray-oa-sysTagWebService-fileread: Landray OA sysTagWebService File Read POC
Landray OA System sysTagWebService interface has an arbitrary file read vulnerability. The vulnerability exists in the getGroups method which can be exploited to read arbitrary files on the system. FOFA: body="Com_Parameter" -
landray-oa-thirdImSyncForKKWebService-fileread: Landray OA thirdImSyncForKKWebService File Read POC
Landray EKP System sysFormMainDataInsystemWebservice interface has an arbitrary file read vulnerability. FOFA: body="Com_Parameter" -
landray-oa-treexml-rce: Landray OA treexml.tmpl script 远程代码执行漏洞 POC
蓝凌OA treexml.tmpl存在远程命令执行漏洞,攻击者通过发送特定的请求包可以获取服务器权限 app="Landray-OA系统"