CVE-2022-27043 PoC — Yearning 路径遍历漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-27043.yaml

Associated Vulnerability

Title:Yearning 路径遍历漏洞 (CVE-2022-27043)
Description:Yearning是中国Henry Yee个人开发者的一个出色方便快捷的 Mysql SQL 审核平台。 Yearning 存在安全漏洞，该漏洞源于存在一个目录遍历漏洞。攻击者可以利用该漏洞获取敏感信息。以下产品及版本受到影响：v2.3.1 Interstellar GA，v 2.3.2 Interstellar GA，v 2.3.4 Neptune，v 2.3.5 Neptune，v 2.3.6 Neptune。

Description

Yearning has a directory traversal vulnerability that can be exploited by attackers to obtain sensitive information. The vulnerability is present in multiple versions of Yearning.

File Snapshot


 id: CVE-2022-27043

info:
  name: Yearning - Directory Traversal
  author: Co5mos
  severity: high
 

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!