漏洞描述
OpenCart Newsletter Custom Popup模块是一个用于时事通讯订阅的模块。在Opencart Newsletter CustomPopup 4.0模块extension/module/so_newletter_custom_popup/newsletter接口由于过滤不当导致存在SQL注入漏洞。
OpenCart So Newsletter Custom Popup 4.0 模块 email 参数 SQL 注入漏洞
PoC代码
暂无相关漏洞推荐
- 孚盟云CRM /m/Dingding/Ajax/AjaxCustomerList.ashx SQL 注入漏洞
- POC CVE-2021-25082: WordPress Popup Builder < 4.0.7 - Remote Code Execution
- POC CVE-2025-13486: Advanced Custom Fields Extended < 0.9.2 - Remote Code Execution
- POC wp-newsletter-log-exposure: WordPress Newsletter - Log File Exposure
- POC wp-acf-fpd: Advanced Custom Fields (ACF) - Full Path Disclosure
- POC wp-custom-post-type-ui-fpd: WordPress Custom Post Type UI - Full Path Disclosure
- POC wp-intuitive-custom-post-order-fpd: WordPress Plugin Intuitive Custom Post Order - Full Path Disclosure
- POC wp-newsletter-fpd: WordPress Plugin Newsletter - Full Path Disclosure
- POC wp-popup-maker-fpd: Popup Maker - Full Path Disclosure
- POC wp-simple-custom-css-fpd: WordPress Simple Custom CSS Plugin - Full Path Disclosure
- 孚盟云CRM AjaxCustomerList.ashx 存在SQL注入漏洞
- 孚盟云CRM AjaxCustomerInfoAtion.ashx 存在SQL注入漏洞
- POC 金和OA CustomerImport.aspx XXE漏洞