用友Ehr系统的ResetPasswordViewModel模块存在利用XXE读取任意文件漏洞

Basic Fields

SSV ID:
SSV-90450
Find Time:
Unknown
Submit Time:
2016-01-15
Level:
Category:
任意文件读取
Component:
yonyou ehr
Author:
Unknown
Submitter:
kikay
CVE-ID:
Add
CNNVD-ID:
Add
CNVD-ID:
Add
ZoomEye Dork:
Add

Source

Login to see

Detail

Contributor hhxx Got  0KB
Login to see
have 0  exchange

PoC (pocsuite 插件) (pocsuite 插件)

Contributor kikay totally have   2KB
Login to see
have 1 Exchange

Reference Linking

Login to see

Solutions

Login to see
Popularity 895
Need to bind phone before comment. Bind Now

Unavailable Comments

※Any content provided by this site, only to learn the code and services, not for illegal purposes