lingmeng-bit issues

Repositories
Issues
Comments

Results 2 issues of


                                            lingmeng-bit

Any user password modification exists in the system

When a user logs in, you can get various information under the user's cookie, one of which is cid=20154084, which is the user's login ID ![Image](https://github.com/user-attachments/assets/137ac1ce-04ea-4600-b2af-10deaa927521) The data after logging...

oasys has arbitrary file download

oasys has arbitrary file download ![Image](https://github.com/user-attachments/assets/7709793d-ab55-412e-9f8c-4da6d93f1b9a) By looking at the ProcedureController.java file in the source code, it is found that although the filtering is done through the tomcat framework, /show...