漏洞描述
广州璐华信息技术有限公司 璐华OA wf_template_sync_content.aspx存在SQL注入漏洞,攻击者可利用该漏洞获取数据库敏感信息并控制服务器权限。
RuvaOA MF.aspx SQL注入
PoC代码
暂无相关漏洞推荐
- Fortra GoAnywhere MFT 未授权 反序列化漏洞 可导致命令注入
- (CVE-2025-10035)Fortra GoAnywhere MFT License Servlet反序列化漏洞可能导致命令注入
- SecurEnvoy MFA /secserver/ LDAP 注入漏洞(CVE-2024-37393)
- POC CVE-2012-4242: WordPress Plugin MF Gig Calendar 0.9.2 - Cross-Site Scripting
- POC CVE-2020-23575: Kyocera Printer d-COPIA253MF - Directory Traversal
- POC CVE-2021-21745: ZTE MF971R - Referer authentication bypass
- POC CVE-2021-24510: WordPress MF Gig Calendar <=1.1 - Cross-Site Scripting
- POC CVE-2023-0669: Fortra GoAnywhere MFT - Remote Code Execution
- POC CVE-2024-0204: Fortra GoAnywhere MFT - Authentication Bypass
- POC CVE-2024-51977: Brother MFC-L9570CDW - Information Disclosure
- POC mfa-console-password-disabled: MFA For RAM Users With Console Password - Disabled
- POC cloudtrail-mfa-delete: CloudTrail MFA Delete
- POC iam-mfa-enable: MFA not enabled for AWS IAM Console User