漏洞描述
Hikvision Hybrid SAN存在SQL注入漏洞,此漏洞是由于dynamic_log.php接口对用户请求的downloadtype参数的值验证不当造成的。
Hikvision Hybrid SAN CVE-2022-28161 SQL注入漏洞
PoC代码
暂无相关漏洞推荐
-
Hikvision Hybrid SAN/Cluster Storage 存在安全漏洞(CVE-2022-28171) 无POC
2025-06-03 | Hikvision Hybrid SAN Cluster StorageHikvision Hybrid SAN/Cluster Storage 存在安全漏洞,该漏洞源于 web模块输入验证不足。攻击者利用该漏洞通过发送带有恶意命令的消息来执行受限命令. -
Webmin /package-updates/update.cgi 命令执行漏洞(CVE-2022-36446) 无POC
2025-09-05 | WebminWebmin是Webmin社区的一套基于Web的用于类Unix操作系统中的系统管理工具。 Webmin 1.997之前的版本存在安全漏洞,该漏洞源于其software/apt-lib.pl组件缺少对U... -
CVE-2022-0342: Zyxel authentication bypass patch analysis POC
2025-09-01 | ZyxelAn authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versio... -
CVE-2022-0434: WordPress Page Views Count <2.4.15 - SQL Injection POC
2025-09-01 | WordPressWordPress Page Views Count plugin prior to 2.4.15 contains an unauthenticated SQL injection vulnerab... -
CVE-2022-0540: Atlassian Jira - Authentication bypass in Seraph POC
2025-09-01 | Atlassian JiraA vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication b...