当前位置:网站首页>Pan micro e-cology8 foreground SQL injection POC
Pan micro e-cology8 foreground SQL injection POC
2022-07-26 08:44:00 【afei00123】
Catalog
1. Preface
Pan Wei ecology8 Is a OA Office products . But its version ecology8 There is a front desk SQL Inject . You can get the system administrator password hash. The vulnerability is in 2021 year 04 month 08 Japan ,HW On the first day .
Fanwei official website :https://www.weaver.com.cn/
Try to submit to CNVD On , Rejected . I wanted to pick up a hole . It's really impossible , Suddenly feel the charm of code audit .
It says that this vulnerability is an open vulnerability , It doesn't mean 4 month 8 The no. 0day. I don't know which hole is below .
边栏推荐
- Kept dual machine hot standby
- 六、品达通用权限系统__pd-tools-log
- Oracle 19C OCP 1z0-082 certification examination question bank (42-50)
- Foundry教程:使用多种方式编写可升级的智能合约(上)
- KV database based on raft consensus protocol
- MySQL 8.0 OCP 1z0-908 certification examination question bank 1
- pl/sql之集合-2
- Neo eco technology monthly | help developers play smart contracts
- Memory management - dynamic partition allocation simulation
- Analysis on the query method and efficiency of Oracle about date type
猜你喜欢
Arbitrum launched the anytrust chain to meet the diverse needs of ecological projects
Xshell batch send command to multiple sessions
![[GUI] swing package (window, pop-up window, label, panel, button, list, text box)](/img/05/8e7483768a4ad2036497cac136b77d.png)
[GUI] swing package (window, pop-up window, label, panel, button, list, text box)
为什么要在时钟输出上预留电容的工位?
Deploy prometheus+grafana monitoring platform
Excel delete blank lines
OA项目之我的会议(查询)
Flitter imitates wechat long press pop-up copy recall paste collection and other custom customization
1、 Redis data structure
uni-app 简易商城制作
随机推荐
The effective condition of MySQL joint index and the invalid condition of index
CIS 2020 - alternative skills against cloud WAF (pyn3rd)
Fluent uses protobuf
Kotlin program control
Nodejs2day(nodejs的模块化,npm下载包,模块加载机制)
23.5 event listeners of application events and listeners
Using the primitive root of module m to judge and solve
Cve-2021-3156 duplicate of sudo heap overflow privilege raising vulnerability
The data read by Flink Oracle CDC is always null. Do you know
Analysis on the query method and efficiency of Oracle about date type
利用模m的原根存在性判断以及求解
flink oracle cdc 读取数据一直为null,有大佬知道么
12306 ticket system crawling - 1. Saving and reading of city code data
pl/sql之集合
Redis advanced
Deploy prometheus+grafana monitoring platform
Flutter upgrade 2.10
PXE principles and concepts
JS tool function Encyclopedia
MySQL 8.0 OCP 1z0-908 certification examination question bank 1