漏洞描述
【漏洞对象】Baby Names Search Engin 【涉及版本】 1.0 【漏洞描述】 Baby Names SearchEngine宝宝名字搜索引擎1.0版本index.php文件a参数联合查询SQL注入,可造成数据泄露,甚至服务器被入侵。
Baby Names Search Engine 1.0-index.php-SQL注入
PoC代码
暂无相关漏洞推荐
- WordPress AI Engine /wp-json/mcp/v1 信息泄露漏洞(CVE-2025-11749)
- (CVE-2023-53878)Member Login Script 3.3客户端去同步漏洞
- POC CVE-2021-37415: Zoho ManageEngine ServiceDesk Plus - Authentication Bypass
- POC CVE-2023-23897: Ozette Plugins - Cross-Site Request Forgery
- POC wp-woocommerce-admin-fpd: WordPress Plugin WooCommerce Admin (woocommerce-admin) Full Path Disclosure
- 若依管理系统 /monitor/cache/getNames 命令执行漏洞
- 殡仪馆管理系统 AshesSearch.jsp 信息泄露
- POC CVE-2017-5983: JIRA Workflow Designer Plugin in Atlassian JIRA Server > 6.3.0 - Remote Code Execution (XXE)
- POC CVE-2021-4449: ZoomSounds Plugin - Unauthenticated Arbitrary File Upload
- POC CVE-2023-38875: PHP Login System 2.0.1 - Cross-Site Scripting
- POC CVE-2023-5815: News & Blog Designer Pack – WordPress Blog Plugin <= 3.4.1 - Unauthenticated Local File Inclusion
- POC nginx-status-403-bypass: Nginx Status Page - 403 Bypass
- POC 多客圈子论坛系统 /api/index/getGoodslist SQL 注入漏洞