CVE-2011-4367 PoC — Apache MyFaces Core ‘ln’ 参数目录遍历漏洞

Source

https://github.com/andikahilmy/CVE-2011-4367-myfaces-vulnerable

Associated Vulnerability

Title:Apache MyFaces Core ‘ln’ 参数目录遍历漏洞 (CVE-2011-4367)
Description:Apache MyFaces是美国阿帕奇（Apache）软件基金会的一个项目，它实现了JavaServer Faces（JSF，一个用于构建Web应用程序的标准Java框架）。Core是其中的一个实现了JSF 1.1、JSF 1.2、JSF 2.0和JSF 2.1规范的子项目。 Apache MyFaces Core 2.0.0至2.0.111 版本和2.1.0至2.1.5版本的MyFaces JSF中存在目录遍历漏洞，该漏洞源于faces/javax.faces.resource/web.xml页面没有

File Snapshot


 None

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2011-4367 PoC — Apache MyFaces Core ‘ln’ 参数目录遍历漏洞

Source

Associated Vulnerability

File Snapshot

Remarks