漏洞描述
【漏洞对象】泛微eoffice系统 【漏洞描述】该产品content_-99.php文件block_id参数存在sql注入漏洞,可能造成数据泄漏,甚至服务器被入侵。
泛微E-office content_-99.php页面block_id参数-SQL注入
PoC代码
暂无相关漏洞推荐
- RuoYi AI /prod-api/system/model/list 信息泄露漏洞(CVE-2025-3199)
- Codeastro Real_estate_management_system注入漏洞(CVE-2025-14899)
- (CVE-2025-67896) Exim 4.99.1之前版本远程堆溢出漏洞
- POC CVE-2023-37999: HT Mega – Absolute Addons for Elementor <= 2.2.0 - Missing Authorization to Privilege Escalation
- POC CVE-2025-34299: Monsta FTP <= 2.11.2 - Unauthenticated Remote Code Execution
- POC CVE-2024-53995: SickChill - Open Redirect
- 万户OA /defaultroot/modules/govoffice/gov_documentmanager/govdocumentmanager_sendfile_gd.jsp;.js SQL 注入漏洞
- 万户OA officeserver 任意文件上传漏洞
- GLPI /index.php/ajax/ SQL 注入漏洞(CVE-2025-24799)
- 泛微e-office /E-mobile/App/System/UserSelect/dept.php 未授权访问漏洞
- POC 万户ezOFFICE协同管理平台 /defaultroot/modules/govoffice/gov_documentmanager/receivefile_gd.jsp;.js SQL 注入漏洞
- POC CVE-2025-51991: XWiki <= 17.3.0 - Server-Side Template Injection (SSTI)
- 通天星CMSV6车载定位监控平台 /edu_security_officer/disable;downloadLogger.action SQL 注入漏洞