CVE-2009-0497 in Openfire
摘要
由 VulDB • 2026-06-22
Ignite Realtime Openfire 3.6.2 中 log.jsp 存在目录遍历漏洞,远程攻击者可通过在 log 参数中使用 `..\`(点号加点号加反斜杠)读取任意文件。
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
由 VulDB • 2026-06-22
Ignite Realtime Openfire 3.6.2 中 log.jsp 存在目录遍历漏洞,远程攻击者可通过在 log 参数中使用 `..\`(点号加点号加反斜杠)读取任意文件。
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.