id: zhiyuan-file-upload info: name: Zhiyuan OA Arbitrary File Upload Vulnerability author: gy741 severity: critical description: A vulnerability in Zhiyuan OA allows remote unauthenticated attackers to upload arbitrary files to the remote server and cause execute arbitrary code to be executed. reference: - https://www.programmersought.com/article/92658169875/ remediation: Apply the appropriate patch. tags: zhiyuan,rce,fileupload,seeyon,intrusive requests: - method: GET path: - "{{BaseURL}}/seeyon/thirdpartyController.do.css/..;/ajax.do" matchers-condition: and matchers: - type: word words: - "java.lang.NullPointerException:null" - type: word words: - "text/html" part: header - type: status status: - 200 # Enhanced by mp on 2022/02/04