漏洞描述
【漏洞对象】OOP 【漏洞描述】 该产品page.php页面pageid参数存在sql注入漏洞,可能造成数据泄露,甚至服务器被入侵。
OOP CMS BLOG page.php页面pageid参数-SQL注入
PoC代码
暂无相关漏洞推荐
- 用友NC /portal/pt/infopathimport/importExcelTemplate pageId 文件上传漏洞
- XWiki Platform /rest/wikis/xwiki/pages 权限绕过漏洞(CVE-2025-29925)
- 用友NC系统pagesServlet接口SQL注入漏洞
- 用友NC /portal/pt/servlet/pagesServlet/doPost SQL 注入漏洞
- AJ-Report /;swagger-ui/dataSource/pageList SQL 注入漏洞(CVE-2024-5350)
- POC CVE-2010-1586: HP System Management Homepage (SMH) v2.x.x.x - Open Redirect
- POC CVE-2021-33807: Cartadis Gespage 8.2.1 - Directory Traversal
- POC CVE-2023-0159: Extensive VC Addons for WPBakery page builder < 1.9.1 - Unauthenticated RCE
- POC CVE-2024-34982: LyLme-Spage - Arbitary File Upload
- POC CVE-2024-36675: LyLme spage v1.9.5 - Server-Side Request Forgery
- POC huhui-servicepage-fileread: 互慧-急诊综合管理平台-ServicePage.aspx-任意文件读取漏洞
- POC gitlab-page-csp-bypass: Content-Security-Policy Bypass - GitLab Page
- POC pdi-device-page: PDI Intellifuel - Device Page