add Clinical Browsing System Boolean SQLi

corp0ra1 2021-08-02 15:11:48 +08:00 committed by GitHub
parent 8229a84e96
commit 04fd2b8045
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 10 additions and 0 deletions

Binary file not shown.

@ -0,0 +1,10 @@
# Clinical Browsing System login.php Boolean SQLi
There is a Boolean SQL injection vulnerability in the login of clinical browsing system. Through this vulnerability, an attacker can directly log in to the system using the universal password such like \"1'or 1='1\", and even obtain sensitive information in the database through Boolean blind injection.
**FOFA query rule**: [body="/KView/ChromeBrowser.exe"](https://fofa.so/result?qbase64=Ym9keT0iL0tWaWV3L0Nocm9tZUJyb3dzZXIuZXhlIg%3D%3D)
# Demo
![](Clinical_Browsing_System_Boolean_SQLi.gif)
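
Review bot: The description paragraph under the title states the impact but gives no affected version, no vendor reference and no remediation, so a reader who finds this system on their network has nothing to act on. Please add a short fix section saying that the login.php query should bind the username and password as parameters instead of concatenating them into the SQL string, and state which versions were tested. Two smaller points in the same paragraph: the `\"` escapes around the example password will render as literal backslashes in Markdown, so use plain quotes or an inline code span, and "such like" should read "such as". The `# Demo` heading is at the same level as the title; `## Demo` would nest it under the advisory.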