### 简要描述:
用友
### 详细说明:
#1越权访问系统日志session泄露
http://218.93.115.141:8080/seeyon//logs/login.log
[<img src="https://images.seebug.org/upload/201512/012205281b1767575a4c063e6ffa24f0855478a8.png" alt="QQ截图20151201215929.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201512/012205281b1767575a4c063e6ffa24f0855478a8.png)
#2弱口令协同办公、全公司通讯录
http://218.93.115.141:8080/seeyon/
bainh 123456
[<img src="https://images.seebug.org/upload/201512/012205374e9b3c658f6701e1b7e6d8e96c01331d.png" alt="QQ截图20151201215957.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201512/012205374e9b3c658f6701e1b7e6d8e96c01331d.png)
[<img src="https://images.seebug.org/upload/201512/01220547316648eab147f6023278e4bb75d6c200.png" alt="QQ截图20151201220022.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201512/01220547316648eab147f6023278e4bb75d6c200.png)
[<img src="https://images.seebug.org/upload/201512/01220553069f0ce89241e3ebc4fa864381d35aab.png" alt="QQ截图20151201220113.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201512/01220553069f0ce89241e3ebc4fa864381d35aab.png)
#3性能监控后台
management/status.jsp
WLCCYBD@SEEYON
[<img src="https://images.seebug.org/upload/201512/01220600f43b1d88627f270597f75a5a19aea5a2.png" alt="QQ截图20151201220232.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201512/01220600f43b1d88627f270597f75a5a19aea5a2.png)
[<img src="https://images.seebug.org/upload/201512/01220607f98c9bd6835c65959f01a1338863e2c1.png" alt="QQ截图20151201220241.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201512/01220607f98c9bd6835c65959f01a1338863e2c1.png)
### 漏洞证明:
同上
京公网安备 11010502034610号
暂无评论