CVE-2023-45855 PoC — qdPM 路径遍历漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-45855.yaml

Associated Vulnerability

Title:qdPM 路径遍历漏洞 (CVE-2023-45855)
Description:qdPM是一款基于Web的开源项目管理工具。 qdPM 9.2版本存在安全漏洞，该漏洞源于存在目录遍历漏洞。允许攻击者通过导航到/uploads URI来列出文件和目录。

Description

qdPM 9.2 allows Directory Traversal to list files and directories by navigating to the /uploads URI.

File Snapshot


 id: CVE-2023-45855

info:
  name: qdPM 9.2 - Directory Traversal
  author: DhiyaneshDk
  severity: h

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.