| Title | Baizhuo Network PatrolFlow PatrolFlow-AM-2530Pro Arbitrary file read vulnerability |
|---|
| Description | PatrolFlow-AM-2530Pro Management Platform Arbitrary File Reading Vulnerability in Baizhuo Network Mailsendview.php.
Attackers can exploit vulnerabilities to gain server privileges or cause business impact on the system.
Construct the file parameter by using/boot/phpConfiguration/tb_ Admin.txt, read the login account password. With the account password, you can directly log in to the background or read any file in the system. |
|---|
| Source | ⚠️ https://github.com/kpz-wm/cve |
|---|
| User | Anonymous User |
|---|
| Submission | 11/26/2023 07:40 (3 years ago) |
|---|
| Moderation | 12/07/2023 13:49 (11 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 247157 [Byzoro PatrolFlow 2530Pro up to 20231126 /log/mailsendview.php File path traversal] |
|---|
| Points | 20 |
|---|