### 简要描述: 用友某系统多处Getshell+用户敏感信息泄露 ### 详细说明: #1 漏洞代码 /5107https://images.seebug.org/upload/upload.php /5107https://images.seebug.org/upload/screenImagesSave.php ``` None ``` 上传文件jpg格式的网马文件,上传 即可在/data/files/日期/下生成1.php.a;.7z #3 连接木马文件 http://icc.hnair.com/data/files/20140416/1.php.a%3B.7z [<img src="https://images.seebug.org/upload/201405/121534158c273d137b6056639a19b0b541af7c69.jpg" alt="22.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201405/121534158c273d137b6056639a19b0b541af7c69.jpg) ### 漏洞证明: #4 用户敏感信息泄露 [<img src="https://images.seebug.org/upload/201405/12153550ece7a5190d9c8b619b62ebac59168736.jpg" alt="screen1D151123820.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201405/12153550ece7a5190d9c8b619b62ebac59168736.jpg) [<img src="https://images.seebug.org/upload/201405/12153907c1f5fdd847c2fbd422959c1e3e983e88.jpg" alt="screen1D49144055.jpg" width="600"...
### 简要描述: 用友某系统多处Getshell+用户敏感信息泄露 ### 详细说明: #1 漏洞代码 /5107https://images.seebug.org/upload/upload.php /5107https://images.seebug.org/upload/screenImagesSave.php ``` None ``` 上传文件jpg格式的网马文件,上传 即可在/data/files/日期/下生成1.php.a;.7z #3 连接木马文件 http://icc.hnair.com/data/files/20140416/1.php.a%3B.7z [<img src="https://images.seebug.org/upload/201405/121534158c273d137b6056639a19b0b541af7c69.jpg" alt="22.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201405/121534158c273d137b6056639a19b0b541af7c69.jpg) ### 漏洞证明: #4 用户敏感信息泄露 [<img src="https://images.seebug.org/upload/201405/12153550ece7a5190d9c8b619b62ebac59168736.jpg" alt="screen1D151123820.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201405/12153550ece7a5190d9c8b619b62ebac59168736.jpg) [<img src="https://images.seebug.org/upload/201405/12153907c1f5fdd847c2fbd422959c1e3e983e88.jpg" alt="screen1D49144055.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201405/12153907c1f5fdd847c2fbd422959c1e3e983e88.jpg)
