漏洞描述
【漏洞对象】云ec开源商城系统 【漏洞描述】云EC电商系统的inc/module/news.php存在SQL注入漏洞,可造成信息数据泄露,攻击者可利用该漏洞执行SQL指令,甚至入侵服务器。
云EC电商系统 news.php-SQL注入
PoC代码
暂无相关漏洞推荐
- 用友时空KSOA downnewsatt.jsp 文件读取漏洞
- POC 用友时空KSOA downnewsatt.jsp 存在任意文件读取漏洞
- ecology-ifnewscheckoutbycurrentuser-dwr-sqli: 泛微 E-Cology ifnewscheckoutbycurrentuser.dwr SQL 注入
- 索贝融媒体 /news-adapter/rest/s/doc/queryBySQL SQL 注入漏洞
- 方正畅享全媒体新闻采编系统 /newsedit/newsplan/task/binary.do SQL 注入漏洞
- POC CVE-2010-1219: Joomla! Component com_janews - Local File Inclusion
- POC CVE-2023-39676: PrestaShop fieldpopupnewsletter Module - Cross Site Scripting
- POC news-script-xss: News Script Pro 2.4 - Cross-Site Scripting
- POC newsletter-open-redirect: WordPress Newsletter Manager < 1.5 - Unauthenticated Open Redirect
- POC weekender-newspaper-open-redirect: WordPress Weekender Newspaper 9.0 - Open Redirect
- POC wp-knews-xss: WordPress Knews Multilingual Newsletters 1.1.0 - Cross-Site Scripting
- POC founder-newsedit-detect: 方正全媒体采编系统
- POC founder-newsedit-syslogin-detect: 方正全媒体采编系统管理后台