漏洞描述
NC Portal MtAppTimeLineAction接口存在SQL注入漏洞<span style="color: rgb(48, 49, 51);">,可能导致敏感信息泄露,对服务器造成危害。</span>
关于NC Portal端MtAppTimeLineAction接口存在SQL注入漏洞修复通告
PoC代码
暂无相关漏洞推荐
- itsourcecode Open Source Job Portal SQL注入漏洞
- 用友U8Cloud /servlet/~uap/nc.merp.bs.maportal.NCPortalServlet XML 外部实体注入漏洞
- mojoPortal imagehandler存在任意文件读取漏洞
- POC CVE-2010-1312: Joomla! Component News Portal 1.5.x - Local File Inclusion
- POC CVE-2015-3897: Bonita BPM Portal <6.5.3 - Local File Inclusion
- POC CVE-2017-14186: FortiGate FortiOS SSL VPN Web Portal - Cross-Site Scripting
- POC CVE-2020-7961: Liferay Portal Unauthenticated < 7.2.1 CE GA2 - Remote Code Execution
- POC CVE-2022-32409: Portal do Software Publico Brasileiro i3geo 7.0.5 - Local File Inclusion
- POC CVE-2022-42118: Liferay Portal - Cross-site Scripting
- POC CVE-2023-24322: mojoPortal 2.7.0.0 - Cross-Site Scripting
- POC CVE-2023-44012: mojoPortal v.2.7.0.0 - Cross-Site Scripting
- POC CVE-2023-4490: WordPress Job Portal < 2.0.6 - SQL Injection
- POC CVE-2025-28367: mojoPortal <=2.9.0.1 - Directory Traversal