java deserialization vulnerability in some IPs of UFNC

UFIDA NC system provides group enterprises with a new large-scale enterprise management and e-business platform that supports compliance application requirements and innovation needs, as well as personalized configuration, integration, implementation, operation and maintenance, and management...

用友多个系统通用漏洞导致接口信息泄露引发多数据库信息泄露（涉及多个大型厂商）

简要描述： 详细说明： 通过webservice接口泄露,涉及多个系统 一、NC系统 http://123.232.105.202/ http://erp.suning.com.cn/ http://115.238.57.245/ 以苏宁为例。 接口地址:http://erp.suning.com.cn/uapws/service 会发现很多接口,以数据库内网链接泄露为例太多接口了,不一一测试了 得到数据库内网链接为:http://erp.suning.com.cn/uapws/service/nc.itf.ses.inittool.PortalSESInitToolService?ws...