Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
I found an arbitrary file read vulnerability at V1.3 In the module of error log URL: http://localhost/index.php?m=admin&c=Tool&a=log&file=D%3A%5CphpStudy%5CWWW%5CSkycaijiApp%5CRuntime%5CLogs%5CAdmin%5C18_09_13.log The parameter of file can control,for example read index.php POC:
suggest:limit the parameter of file Info:V1.3 I hope you can fix it Best wish! author by:xijun.liao@dbappsecurity.com
The text was updated successfully, but these errors were encountered:
2.0版本已修复
Sorry, something went wrong.
No branches or pull requests
I found an arbitrary file read vulnerability at V1.3

In the module of error log
URL: http://localhost/index.php?m=admin&c=Tool&a=log&file=D%3A%5CphpStudy%5CWWW%5CSkycaijiApp%5CRuntime%5CLogs%5CAdmin%5C18_09_13.log
The parameter of file can control,for example read index.php
POC:
suggest:limit the parameter of file
Info:V1.3
I hope you can fix it
Best wish!
author by:xijun.liao@dbappsecurity.com
The text was updated successfully, but these errors were encountered: