漏洞描述
红帆科技深耕医疗行业21年,专注医疗行政办公管理,经过了多年的经验积累,oa办公系统、bpm,移动oa,流程管理等系统在实际应用中得到了良好的印证。红帆OA系统iocomGetAtt.aspx文件存在sql注入漏洞:获取数据、修改数据、删除数据等.
红帆 ioffice iocomGetAtt.aspx SQL注入漏洞
PoC代码
暂无相关漏洞推荐
- 红帆OA /ioffice/prg/Mobile/Base/MobileBind.aspx SQL 注入漏洞
- 红帆ioffice HbcaUserLogin.aspx SQL注入漏洞
- 红帆ioffice mrClearPwd.aspx SQL注入漏洞
- 红帆ioffice PgcaUserLogin.aspx SQL注入漏洞
- POC hongfan-iodesktopdata-sqli: 红帆iOffice ioDesktopData.asmx接口SQL注入
- POC hongfan-ioffice-iofiledown-fileread: 红帆 iOffice ioFileDown 任意文件读取漏洞
- POC ioffice-oa-iofileexport-read-file: 红帆OA ioFileExport.aspx 任意文件读取漏洞
- POC ioffice-oa-udfmr-asmx-sql-inject: 红帆OA udfmr.asmx SQL注入漏洞
- POC hongfan-ioffice-lfi: Hongfan OA ioFileExport.aspx - Arbitrary File Read
- POC hongfan-ioffice-rce: Hongfan OA ioAssistance.asmx - Remote Code Execution
- POC hongfan-ioffice-sqli: Hongfan OA udfmr.asmx - SQL injection
- POC 红帆 ioffice /iOffice/Identity/NetCAUserLogin.aspx SQL 注入漏洞
- POC 红帆 IOffice /iOffice/prg/set/wss/MobileOA.asmx SQL 注入漏洞