漏洞描述
红帆HFOffice CAWS接口处存在SQL注入漏洞。攻击者可以通过构造恶意的SQL语句,成功注入并执行恶意数据库操作,可能导致敏感信息泄露、数据库被篡改或其他严重后果。
红帆HFOffice CAWS 接口处存在SQL注入漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2009-5020: AWStats < 6.95 - Open Redirect
- POC CVE-2012-4547: AWStats 6.95/7.0 - 'awredir.pl' Cross-Site Scripting
- POC CVE-2017-10974: Yaws 1.91 - Local File Inclusion
- POC unencrypted-aws-ami: Unencrypted AWS AMI
- POC iam-expired-ssl: Remove Expired SSL/TLS Certificates in AWS IAM
- POC iam-mfa-enable: MFA not enabled for AWS IAM Console User
- POC rds-backtrack-disabled: AWS RDS Backtrack - Disabled
- POC vpn-tunnel-down: AWS VPN Tunnel Down
- POC aws-config: AWS Configuration - Detect
- POC aws-credentials: AWS Credentials - Detect
- POC wpconfig-aws-keys: AWS S3 keys Leak
- POC aws-secret-key: AWS Secret Key
- POC aws-object-listing: AWS bucket with Object listing